AUTHENTICATED 
U.S. GOVERNMENT 
INFORMATION ^ 


THE 10TH ANNIVERSARY OF 
THE SARBANES-OXLEY ACT 


HEARING 

BEFORE THE 

SUBCOMMITTEE ON CAPITAL MARKETS AND 
GOVERNMENT SPONSORED ENTERPRISES 

OF THE 

COMMITTEE ON FINANCIAL SERVICES 
U.S. HOUSE OF REPRESENTATIVES 

ONE HUNDRED TWELFTH CONGRESS 

SECOND SESSION 


JULY 26, 2012 


Printed for the use of the Committee on Financial Services 


Serial No. 112-152 



U.S. GOVERNMENT PRINTING OFFICE 
76-123 PDF WASHINGTON : 2013 


For sale by the Superintendent of Documents, U.S. Government Printing Office 
Internet: bookstore.gpo.gov Phone: toll free (866) 512—1800; DC area (202) 512-1800 
Fax: (202) 512-2104 Mail: Stop IDCC, Washington, DC 20402-0001 


HOUSE COMMITTEE ON FINANCIAL SERVICES 

SPENCER BACHUS, Alabama, Chairman 


JEB HENSARLING, Texas, Vice Chairman 
PETER T. KING, New York 
EDWARD R. ROYCE, California 
FRANK D. LUCAS, Oklahoma 
RON PAUL, Texas 
DONALD A. MANZULLO, Illinois 
WALTER B. JONES, North Carolina 
JUDY BIGGERT, Illinois 
GARY G. MILLER, California 
SHELLEY MOORE CAPITO, West Virginia 
SCOTT GARRETT, New Jersey 
RANDY NEUGEBAUER, Texas 
PATRICK T. McHENRY, North Carolina 
JOHN CAMPBELL, California 
MICHELE BACHMANN, Minnesota 
KEVIN McCarthy, California 
STEVAN PEARCE, New Mexico 
BILL POSEY, Florida 

MICHAEL G. FITZPATRICK, Pennsylvania 

LYNN A. WESTMORELAND, Georgia 

BLAINE LUETKEMEYER, Missouri 

BILL HUIZENGA, Michigan 

SEAN P. DUFFY, Wisconsin 

NAN A. S. HAYWORTH, New York 

JAMES B. RENACCI, Ohio 

ROBERT HURT, Virginia 

ROBERT J. DOLD, Illinois 

DAVID SCHWEIKERT, Arizona 

MICHAEL G. GRIMM, New York 

FRANCISCO “QUICO” CANSECO, Texas 

STEVE STIVERS, Ohio 

STEPHEN LEE FINCHER, Tennessee 

FRANK C. GUINTA, New Hampshire 


BARNEY FRANK, Massachusetts, Ranking 
Member 

MAXINE WATERS, California 
CAROLYN B. MALONEY, New York 
LUIS V. GUTIERREZ, Illinois 
NYDIA M. VELAZQUEZ, New York 
MELVIN L. WATT, North Carolina 
GARY L. ACKERMAN, New York 
BRAD SHERMAN, California 
GREGORY W. MEEKS, New York 
MICHAEL E. CAPUANO, Massachusetts 
RUBEN HINOJOSA, Texas 
WM. LACY CLAY, Missouri 
CAROLYN MCCARTHY, New York 
JOE BACA, California 
STEPHEN F. LYNCH, Massachusetts 
BRAD MILLER, North Carolina 
DAVID SCOTT, Georgia 
AL GREEN, Texas 
EMANUEL CLEAVER, Missouri 
GWEN MOORE, Wisconsin 
KEITH ELLISON, Minnesota 
ED PERLMUTTER, Colorado 
JOE DONNELLY, Indiana 
ANDRE CARSON, Indiana 
JAMES A. HIMES, Connecticut 
GARY C. PETERS, Michigan 
JOHN C. CARNEY, Jr., Delaware 


James H. Clinger, Staff Director and Chief Counsel 


(II) 



Subcommittee on Capital Markets and Government Sponsored Enterprises 
SCOTT GARRETT, New Jersey, Chairman 


DAVID SCHWEIKERT, Arizona, Vice 
Chairman 

PETER T. KING, New York 
EDWARD R. ROYCE, California 
FRANK D. LUCAS, Oklahoma 
DONALD A. MANZULLO, Illinois 
JUDY BIGGERT, Illinois 
JEB HENSARLING, Texas 
RANDY NEUGEBAUER, Texas 
JOHN CAMPBELL, California 
KEVIN McCarthy, California 
STEVAN PEARCE, New Mexico 
BILL POSEY, Florida 

MICHAEL G. FITZPATRICK, Pennsylvania 
NAN A. S. HAYWORTH, New York 
ROBERT HURT, Virginia 
MICHAEL G. GRIMM, New York 
STEVE STIVERS, Ohio 
ROBERT J. DOLD, Illinois 


MAXINE WATERS, California, Ranking 
Member 

GARY L. ACKERMAN, New York 
BRAD SHERMAN, California 
RUBEN HINOJOSA, Texas 
STEPHEN F. LYNCH, Massachusetts 
BRAD MILLER, North Carolina 
CAROLYN B. MALONEY, New York 
GWEN MOORE, Wisconsin 
ED PERLMUTTER, Colorado 
JOE DONNELLY, Indiana 
ANDRE CARSON, Indiana 
JAMES A. HIMES, Connecticut 
GARY C. PETERS, Michigan 
AL GREEN, Texas 
KEITH ELLISON, Minnesota 


(III) 




CONTENTS 


Page 

Hearing held on: 

July 26, 2012 1 

Appendix: 

July 26, 2012 29 

WITNESSES 
Thursday, July 26, 2012 

Berlau, John, Senior Fellow, Finance and Access to Capital, the Competitive 

Enterprise Institute (CEI) 2 

Bullard, Mercer E., President and Founder, Fund Democracy, Inc., and Jessie 
D. Puckett, Jr., Lecturer and Associate Professor of Law, the University 

of Mississippi School of Law 3 

Coffee, John C., Jr., Adolf A. Berle Professor of Law, Columbia University 

Law School 4 

Gallagher, Michael J., Chairman, Professional Practice Executive Committee, 

Center for Audit Quality (CAQ) 5 

Hatfield, Jeffrey S., President and Chief Executive Officer, Vitae Pharma- 
ceuticals, on behalf of the Biotechnology Industry Organization (BIO) 6 

Hollein, Marie N., President and Chief Executive Officer, Financial Execu- 
tives International (FEI) 8 

APPENDIX 

Prepared statements: 

Garrett, Hon. Scott 30 

Bachus, Hon. Spencer 32 

Moore, Hon. Gwen 34 

Berlau, John 55 

Bullard, Mercer E 61 

Coffee, John C., Jr 82 

Gallagher, Michael J 93 

Hatfield, Jeffrey S 108 

Hollein, Marie N 115 

Additional Material Submitted for the Record 

Garrett, Hon. Scott: 

Written statement of The Institute of Internal Auditors (IIA) 119 

Attestation provisions of Lehman Brothers, JPMorgan, Bear Stearns, 

MF Global, Fannie Mae, and Freddie Mac 122 


(V) 




THE 10TH ANNIVERSARY OF 
THE SARBANES-OXLEY ACT 


Thursday, July 26, 2012 

U.S. House of Representatives, 

Subcommittee on Capital Markets and 
Government Sponsored Enterprises, 

Committee on Financial Services, 

Washington, D.C. 

The subcommittee met, pursuant to notice, at 9:36 a.m., in room 
2128, Rayburn House Office Building, Hon. Scott Garrett [chair- 
man of the subcommittee] presiding. 

Members present: Representatives Garrett, Schweikert, Royce, 
Biggert, Hensarling, Campbell, Pearce, Posey, Fitzpatrick, 
Hayworth, Hurt, Dold; Waters, Sherman, Lynch, Maloney, Himes, 
and Green. 

Chairman Garrett. Good morning, everyone. The Subcommittee 
on Capital Markets and Government Sponsored Enterprises will 
come to order. Today’s subcommittee hearing is entitled, “The 10th 
Anniversary of the Sarbanes-Oxley Act.” Normally, you think of an- 
niversaries are good things. After we hear from this panel today, 
we will see how amused we should be about this anniversary. 

First, we are going to handle a couple of housekeeping items. We 
have a lengthy series of votes on the Floor that we have been ad- 
vised of beginning as early as 10:30, so in order to accommodate 
all of the members of our panel, it has been agreed to by us and 
the Minority that all Members’ opening statements that we nor- 
mally would give are going to be waived at this point as far as 
reading them, and they are going to be submitted for the record. 

In addition, the Minority has also agreed with us that — I guess 
you guys know this already, unfortunately — your opening state- 
ments have also been shortened from 5 minutes down to 3 minutes. 

For us up here, I advise the Members that I am going to strictly 
enforce the 5-minute rule. So if you have questions, make sure your 
questions get asked and answered within your 5 minutes so that 
we can go onto the next person’s questions. 

Finally, it is my intention that we will release the panel and re- 
lease the committee at the call to votes. Hopefully, the votes will 
go a little bit late. But when the votes are called, we have to go. 

So, thank you, everyone, for your accommodations. With that, I 
thank the entire panel for being here with us today. And we will 
start, as we always do, on the left hand side of our panel. 

Welcome. And for those of you who have not been here before, 
you have 3 minutes, not 5 minutes. As always, we ask you to 
please bring the microphone as close to you as you can because 

(l) 



2 


some of us cannot hear you up here if you do not speak into the 
microphone. 

Mr. Berlau, welcome, and you are recognized for just 3 minutes. 
And thank you very much for coming to the panel today. 

STATEMENT OF JOHN BERLAU, SENIOR FELLOW, FINANCE 

AND ACCESS TO CAPITAL, THE COMPETITIVE ENTERPRISE 

INSTITUTE (CEI) 

Mr. Berlau. Thank you, Chairman Garrett. And thank you, 
Ranking Member Waters and all the honorable members of this 
subcommittee for inviting me here to testify on behalf of my organi- 
zation, the Competitive Enterprise Institute, a think tank founded 
in 1984 that fights and advocates and educates about freedom and 
opportunity for investors, entrepreneurs, and the economy as a 
whole. 

And I must say I agree with you, Mr. Chairman, that on past an- 
niversaries there really was not much for investors and entre- 
preneurs, with Sarbanes-Oxley and the way its provisions had been 
implemented, to celebrate. As the Obama Administration’s Council 
on Jobs and Competitiveness recognized in a recent report, “well- 
intentioned regulations aimed at protecting the public from the 
misrepresentations of a small number of large companies have un- 
intentionally placed significant burdens on a large number of 
smaller companies.” 

And it made the connection and fingered Sarbanes-Oxley, or 
SOX, as a culprit in the long-term decline in IPOs, something that 
happened long before the recession in the first few years after 
SOX’s passage — you can even look at the number of IPOs lower in 
the boom years after SOX than in the early years that were slow 
growth years of the 1990s — and made the connection between IPOs 
and job growth. 

But actually, on this anniversary we do have a little bit to cele- 
brate because this House, virtually all the members of this sub- 
committee, and President Obama have enacted into law the 
Jumpstart Our Business Startups Act, and we are already seeing 
that pay dividends for investors, entrepreneurs, and the economy 
as a whole. 

The JOBS Act creates an on-ramp that among other things ex- 
empts newly public companies for their first 5 years from the inter- 
nal control mandates of Section 404. And we are already seeing 
well-respected companies list under the JOBS Act such as Kayak, 
last week — the travel booking site — and Five Below, the teen retail 
discounter, which had very successful IPOs that are trading above 
their share price in contrast to the Facebook IPO, which was not 
subject to the JOBS Act; it was too large. 

So, we are seeing — we have already seen, I have in an appendix, 
46 companies that are listing here because of the JOBS Act. They 
are designating themselves as emerging growth companies under 
the law. I think that is evidence that SOX was choking off IPOs 
both the sheer number and actually smaller IPOs. But there is 
more we can do. And H.R. 6161 would keep a small company in 
revenues and profits from being designated as large just because 
of market volatility as a large company. 

Thank you, and I am happy to answer any questions. 



3 


[The prepared statement of Mr. Berlau can be found on page 55 
of the appendix.] 

Chairman Garrett. And thank you for your testimony. 

Mr. Bullard, welcome to the family. And you are recognized for 
3 minutes. 

STATEMENT OF MERCER E. BULLARD, PRESIDENT AND 

FOUNDER, FUND DEMOCRACY, INC., AND JESSIE D. 

PUCKETT, JR., LECTURER AND ASSOCIATE PROFESSOR OF 

LAW, THE UNIVERSITY OF MISSISSIPPI SCHOOL OF LAW 

Mr. Bullard. Thank you, Chairman Garrett. Thank you, Rank- 
ing Member Waters, and members of the subcommittee for the op- 
portunity to appear before you today on the anniversary of Sar- 
banes-Oxley. It is an honor and a privilege to appear before the 
committee again today. 

Before addressing the Act itself, it is worth revisiting the bipar- 
tisan context in which it was enacted. House and Senate votes in 
favor of Sarbanes-Oxley totaled 522, with only 3 votes cast against. 

This is remarkable in view of the major reforms the Act entailed, 
in particular, the creation of an entirely new regulatory entity, the 
PCAOB, that has become a leading force in the regulation of public 
accounting both in the United States and abroad. Some provisions 
have generated controversy, however. For example, Section 404 has 
been criticized for imposing excessive costs on issuers. 

In my view, this criticism is substantially misplaced. The cost of 
compliance derives not from Section 404 itself, which imposes very 
generic monitoring requirements. Rather, compliance costs derive 
from the implementation of Section 404 by regulators. And this is 
where any changes should be made. 

Nonetheless, Congress has granted wholesale exemptions from 
Section 404, which I believe are inconsistent with the very concept 
of a public company, which really has meaning only if public com- 
panies are subject to a consistent set of default rules. This problem 
would be exacerbated by the Fostering Innovation Act, which would 
make existing Section 404 exemptions essentially swallow the rule. 

In conclusion, I would like to address four other areas of concern 
relating to Sarbanes Oxley. 

First, PCAOB Chairman Doty has rightfully argued that PCAOB 
disciplinary proceedings should not be conducted in secret. It is not 
appropriate to ask issuers’ audit committees to choose their audi- 
tors with care, while depriving them of information about alleged 
auditor misconduct. Congress should amend Sarbanes-Oxley to re- 
quire that PCAOB proceedings be public, as SEC proceedings 
against auditors have been for 25 years. 

Second, I encourage Congress not to adapt a statutory prohibi- 
tion against mandatory auditor rotations. The PCAOB should be 
afforded the deference due to an expert regulator to make findings 
and adopt rules in this area as appropriate. 

Third, Congress should amend the whistle-blowing provision of 
Sarbanes-Oxley to clarify that disclosing the misconduct of public 
companies will be protected, even when the whistleblower is em- 
ployed by a private company. The SEC, the Department of Labor, 
and numerous DOL arbitrations have all agreed with this view, but 
a divided First Circuit panel has taken the opposite position. The 



4 


court’s holding allows a public company to neutralize the whistle- 
blowing provision simply by hiring a nonpublic accountant or other 
entity to conduct its compliance activities. 

Finally, Congress should inquire into companies’ compliance with 
a requirement to report executive stock option grants within 2 
days. This requirement has been instrumental in preventing the 
options backdating that was pervasive prior to 2002. But research 
shows that backdating persists because up to a quarter of option 
grants are being reported in violation of the 2-day requirement. 

Thank you again for the opportunity to appear before you today. 
I would be happy to answer any questions you may have. 

[The prepared statement of Professor Bullard can be found on 
page 61 of the appendix.] 

Chairman Garrett. Thank you. 

Mr. Coffee, good morning, and welcome to the panel. 

STATEMENT OF JOHN C. COFFEE, JR., ADOLF A. BERLE 

PROFESSOR OF LAW, COLUMBIA UNIVERSITY LAW SCHOOL 

Mr. Coffee. Good morning. Thank you, Chairman Garrett, and 
members of the subcommittee. I am happy to be here for the 10th 
anniversary of SOX. 

I will start with this general observation: Since SOX was en- 
acted, there has been a robust debate, indeed an intellectual war 
between those who argue that the declining competitive position of 
U.S. capital markets was caused by overregulation, an alleged ava- 
lanche of overregulation; and the other side, which says that inves- 
tors basically have lost confidence in U.S. capital markets both be- 
cause of a host of scandals and because of underregulation, as over- 
worked and underfunded regulatory agencies have failed repeat- 
edly. 

In the abstract, I think both sides can be right, and can score 
points. And I will agree that there has been, at times, significant 
overregulation. 

Nonetheless, we look at our current vantage point on the 10th 
anniversary. I must tell you that the greatest obstacle to stronger 
capital markets and better access for smaller issuers to the equity 
capital market is not overregulation, but it is the loss of investor 
confidence. 

When you look at what is causing investor confidence to decline, 
we can start with the original Internet bubble back in 2001, when 
investors saw that securities analysts were conflicted and that ac- 
countants were often compromised. Sarbanes-Oxley tried to ad- 
dress that. But since then, we have seen a host of very recent scan- 
dals that have to have an impact on investor confidence. 

Investors are seeing over and over again that underfunded, over- 
worked regulators cannot catch real crooks, and they only slap 
them on the wrist when they do catch them. We have all just seen 
the Peregrine Financial and MF Global scandals, and frankly it is 
hard to understand why a rational investor would put money into 
a commodities account with a commodities broker when no one 
seems to know whether the customer funds had been segregated 
from the funds placed at risk by proprietary trading. 

That scam at Peregrine Financial was a 20-year Ponzi scheme 
that went undetected. We are now watching the Libor scandal. Not 



5 


only does it show us what we already know, that creators will often 
manipulate markets, but that regulators can be very cozy and very 
equivocal in their response. 

I could go through a number of similar examples. But my point 
is again that in the wake of the JOBS Act, where we have deregu- 
lated the market for emerging growth companies, which I under- 
stand. They are given a 5-year transitional period. 

The step now being contemplated is that we are going to let com- 
panies that are not emerging and not growth companies, they are 
rather companies that I would call mature mediocrities, get a per- 
manent exemption from Section 404. The SEC has studied this 
problem and the SEC has found that compliance with Section 404 
greatly reduces the rate of financial restatements. Thus, I would 
suggest that the case for exempting mature mediocrities has not 
yet been made. 

My time is up. Thank you. 

[The prepared statement of Professor Coffee can be found on 
page 82 of the appendix.] 

Chairman Garrett. Thank you very much. 

Mr. Gallagher, welcome to the panel. And you, too, are recog- 
nized for 3 minutes. Thank you. 

STATEMENT OF MICHAEL J. GALLAGHER, CHAIRMAN, PRO- 
FESSIONAL PRACTICE EXECUTIVE COMMITTEE, CENTER 

FOR AUDIT QUALITY (CAQ) 

Mr. Gallagher. Thank you, Mr. Chairman. Mr. Chairman, 
Ranking Member Waters, and members of the subcommittee, my 
name is Mike Gallagher and I am pleased to testify today on behalf 
of the U.S. auditing profession regarding the Sarbanes-Oxley Act of 
2002. I have more than 26 years of experience in public accounting. 
I am currently the chairman of the Professional Practice Executive 
Committee, or PPEC, of the Center for Audit Quality. I am also the 
managing partner of PwC’s audit quality functions. I am speaking 
today with you in my capacity as the PPEC chairman. 

In examining Sarbanes-Oxley, let us go back to where we were 
10 years ago and the reason the Act was passed. The markets were 
roiled by a series of massive financial reporting frauds, including 
Enron and WorldCom. The fraudulent and materially misstated fi- 
nancial information reported by these companies drove their stock 
price up to levels that were completely unsupported by economics 
or their business performance. 

When the frauds were ultimately exposed, investor reaction was 
swift and decisive. Both companies failed in sudden and dramatic 
ways, causing a loss of investor confidence more broadly across the 
capital markets. 

To restore investor confidence and enhance protection, Congress 
responded in a near unanimous and bipartisan fashion by passing 
the Sarbanes-Oxley Act. The House vote was 423-3, and the Sen- 
ate vote was 99-0. President Bush signed the bill into law, ush- 
ering in a new era of reforms that improve the integrity of financial 
reporting. 

In sharp contrast, the business failures during the more recent 
financial crisis resulted from sudden and extreme economic events, 



6 


most notably the seizing of liquidity, which caused certain compa- 
nies to fail. 

So let me briefly highlight some of the significant provisions of 
the Sarbanes-Oxley Act. The Act strengthened audit committees. It 
empowered them to more effectively carry out their responsibilities. 
It made management clearly responsible for the financial state- 
ments, enhancing accountability for financial reporting. And audit- 
ing was improved through the creation of the PCAOB and 
strengthening independence rules. 

Now, the changes I described certainly came with costs. How- 
ever, these costs generally have declined significantly over the last 
10 years due to company and auditor efficiencies as well as actions 
taken by the PCAOB and the SEC. The Dodd-Frank and JOBS Act 
also provided certain exemptions and further relief. 

So, in bringing this to a close, unfortunately when the public 
hears about financial reporting, the new is never good. It is about 
the restatement, the material control weakness or the business fail- 
ure. 

In my position, I get to see the other side, the positives of Sar- 
banes-Oxley, almost every day. The restatement that was avoided 
because of a key internal control; the disclosure that was improved 
due to a great dialogue between the audit committee, the manage- 
ment, and the auditor; and the fraud that was identified early be- 
cause of higher-quality auditing. These successes are not public, 
and they do not make news. The benefits of Sarbanes-Oxley are 
substantial. And in my view, it is serving the capital markets and 
investors very well. 

Thank you. And I am happy to answer any questions you may 
have. 

[The prepared statement of Mr. Gallagher can be found on page 
93 of the appendix.] 

Chairman Garrett. And I thank you for your testimony. 

At this time, before we go to Mr. Hatfield, I believe Mr. 
Fitzpatrick would like to make an introduction. And before I do 
that, I will just say I wish to thank the gentleman for his efforts 
in this area and your legislation as well. 

Mr. Fitzpatrick. Thank you, Mr. Chairman. I would like to in- 
troduce Mr. Jeffrey Hatfield with Vitae, an emerging biotech firm 
in Montgomery County, Pennsylvania. We welcome you today to 
the committee. Thank you, sir. 

Chairman Garrett. Thank you. 

The gentleman is recognized for 3 minutes. Mr. Hatfield? 

STATEMENT OF JEFFREY S. HATFIELD, PRESIDENT AND 

CHIEF EXECUTIVE OFFICER, VITAE PHARMACEUTICALS, ON 

BEHALF OF THE BIOTECHNOLOGY INDUSTRY ORGANIZA- 
TION (BIO) 

Mr. Hatfield. Thank you. Good morning, Chairman Garrett, 
Ranking Member Waters, and members of the subcommittee. My 
name is Jeff Hatfield. I am the president and CEO of Vitae Phar- 
maceuticals, as mentioned, in Fort Washington, Pennsylvania. I 
want to thank you for the opportunity to speak today about the 
unique hurdles the biotech industry faces in its quest to discover, 



7 


develop, and deliver to patients important new cures for diseases 
that plague those patients. 

Now, in finding an important balance between regulations that 
protect investors and regulatory burdens that stifle growth, the key 
is speeding breakthrough discoveries to people who desperately 
need them. Delivering new treatments to patients is difficult. It 
takes biotech more than a decade to research and over a billion dol- 
lars on average to bring novel treatments to people living with dis- 
ease. 

This very long development effort is undertaken without any 
product revenue to pay for the tremendous costs. Biotech compa- 
nies instead rely entirely on external investors to fund our re- 
search. Because investment dollars go directly from the investor to 
the lab, any funds devoted outside that R&D effort are by defini- 
tion lost to scientific innovation. 

Biotechs are simple organizations. The overwhelming majority 
have less than 100 employees located in the same building and no 
product revenue. At Vitae, for example, my CFO personally reviews 
the documentation for and signs every check that we issue. I do the 
same for any check over $5,000. That is how capital-efficient our 
investors expect us to be. 

And yet if we went public, we would have to dedicate upwards 
of a million dollars annually to comply with requirements for inter- 
nal controls for financial reporting. That is almost $20,000 per sci- 
entist at Vitae for compliance with Section 404(b) as it exists. 
Without product revenue, those funds would come directly from in- 
vestors, damaging the conversion of their capital from science to 
compliance. 

Alternatively, I think about the 2010 congressional grant initia- 
tive called the Therapeutic Discovery Project. Vitae applied for and 
was fortunate to receive last year research grants totaling around 
$900,000. We used that to hire scientists to advance our work. If 
we were public, we would have had to in essence turn that money 
over to an accounting firm for auditors. It is very clear to me which 
choice our investors prefer. 

I support investor protection. In the biotech industry, an in- 
formed investor is a good one. If the information disclosures re- 
quired by SOX do not align with information my investors most 
want and need — we put our historical financial reports and the 
meeting materials for every board meeting; I had one yesterday. 

Rarely, if ever, in the 8 years I have been CEO, have we dis- 
cussed the historic financial numbers. What the investors focus on 
and want to know in great detail is about the science that we gen- 
erate. Investors make their decisions about companies based on sci- 
entific milestones, not statements and reports mandated by Section 
404(b). 

The cost of compliance far outweighs its benefits. If Congress can 
relax this regulatory burden on small companies like those found 
in the biotech industry, it will allow innovators and entrepreneurs 
to continue working towards delivering the next generation of med- 
ical breakthroughs which can someday day cure the patients who 
need them. Thank you. 

[The prepared statement of Mr. Hatfield can be found on page 
108 of the appendix.] 



8 


Chairman Garrett. And I thank you for that. Thank you, Mr. 
Hatfield. 

Ms. Hollein, welcome. And you are recognized for 3 minutes. 

STATEMENT OF MARIE N. HOLLEIN, PRESIDENT AND CHIEF 

EXECUTIVE OFFICER, FINANCIAL EXECUTIVES INTER- 
NATIONAL (FEI) 

Ms. Hollein. Thank you. Good morning, Chairman Garrett, 
Ranking Member Waters, and members of the subcommittee. I am 
pleased to testify before you concerning the Sarbanes Oxley Act 
and its impact on Financial Executives International. FEI is a pro- 
fessional organization of 15,000 senior financial executives for more 
than 8,000 private and public companies. 

Integrity is the necessary first principle for effective markets, 
and an important part of FEI’s mission. Every investor depends on 
accurate and reliable financial reporting. Without the trust that 
comes with market integrity and sound corporate governance, in- 
vestors withdraw, capital markets wither, companies cannot grow, 
and jobs become scarce. 

Ten years ago, Congress passed Sarbanes-Oxley to restore integ- 
rity to a tarnished market. Now, we have an opportunity to exam- 
ine what has worked and how we might do better. 

During the SOX debate, FEI offered several recommendations 
which were eventually adopted into the legislation, one of which re- 
sulted in the requirement that a company’s CEO and CFO certify 
the firm’s financial statement. 

The requirement that CEOs and CFOs must personally certify 
their company’s financial statements is the crown jewel of Sar- 
banes-Oxley. This sets the tone from the top, increases the account- 
ability and drives better corporate governance. 

After its passage, even SOX supporters acknowledged portions 
were costly, time-consuming, and overly prescriptive. FEI’s 2005 
survey on SOX implementation showed a 66% increase in external 
consulting costs and a 58% increase in auditor fees. In 2011, fees 
continued to rise, but at a slower 5% average rate. 

While FEI does not yet have a position on H.R. 6161, offered by 
Congressman Fitzpatrick, a number of our member benefit compa- 
nies would benefit from the increase in reporting flexibility it pro- 
vides. 

As we consider new laws, regulations are not the only path to 
better markets. FEI is stepping up to the plate to research, im- 
prove, and share best practices in deterring and detecting fraud 
through its work as a bonding member of COSO and the Anti- 
Fraud Collaboration. 

Thank you for the opportunity to address you this morning. And 
I look forward to your questions. 

[The prepared statement of Ms. Hollein can be found on page 115 
of the appendix.] 

Chairman Garrett. Great. Thank you. 

We will now begin the questions. I am going to defer to the gen- 
tleman with the legislation that so many of you have been speaking 
about this morning. 

Mr. Fitzpatrick is recognized for 5 minutes. 

Mr. Fitzpatrick. Thank you, Mr. Chairman. 



9 


Mr. Berlau, one of the main goals of this Sarbanes-Oxley Act, 
now 10 years old, was to protect investors. In your view, has the 
Act protected investors or protected as it was intended? 

Mr. Berlau. No. It has not. Its costs are very high, and its bene- 
fits are hard to quantify. We have seen companies fully subject to 
SOX audits like Lehman Brothers and MF Global have scandals 
and mismanagement. 

And I think the best quote on the lack of benefits came from Hal 
Scott of Harvard University who said that it remains empirically 
unclear whether adherence to SOX 404 achieves its intended ben- 
efit. What is often cited are the increasing number of restate- 
ments — but Professor Scott makes clear that some of those may be 
due to technicalities and the market prices have not really reflected 
these were large misstatements that Sarbanes-Oxley detected. 

Mr. Fitzpatrick. So, did Sarbanes-Oxley help to prevent the fi- 
nancial crisis in 2008? 

Mr. Berlau. It did not. In fact, it may have hurt. 

The lack of IPOs may have shifted more investment than would 
have otherwise occurred into real estate. It certainly kept the focus 
away of companies expanding and building a profitable firm. All of 
these technicalities, like keeping track of office keys and some of 
the other things accounting firms counted as internal controls, may 
have compromised companies’ focus on risk management. 

Mr. Fitzpatrick. Professor Bullard, in your statement, I think 
you indicated on the subject of audit firm rotation that you are in 
favor of the mandatory rotation rule that is currently being consid- 
ered or being developed. That would be an expansion of Sarbanes- 
Oxley. Is that accurate? 

Mr. Bullard. I am sorry if my testimony was not clear. It is not 
that I support it. I am somewhat skeptical of whether mandatory 
rotation would be beneficial. But in reviewing the PCAOB’s review 
of this issue, and their extensive requests for information from the 
business community, I think they are handling it wisely. And I 
think it would be better to leave them the flexibility to find the 
right approach. 

Mr. Fitzpatrick. Do you think that PCAOB should engage in a 
cost-benefit analysis as a condition to going forward on the rule, to 
see what the actual cost is? 

Mr. Bullard. Yes, it should. 

Mr. Fitzpatrick. Mr. Hatfield, the high costs associated with 
Sarbanes-Oxley Section 404(b) compliance has been listed repeat- 
edly by small and emerging companies as one of the deterrents 
from listing in the U.S. public markets. Would you agree that it is 
not only the real dollar cost of compliance, but also the opportunity 
cost that is an issue? 

Mr. Hatfield. Absolutely. The financial costs obviously are 
daunting for a company that is putting every investment dollar to- 
ward clients. The cost for developing breakthrough medicines or 
cures for people is daunting. Every dollar needs to go to that 
science. Every dollar that does not go there detracts from the abil- 
ity to advance those cures. I would say that it is coming short, the 
opportunity costs, in a couple of ways. 

When the science does not get done, then people living with those 
diseases do not get the cures. And I think that is the most signifi- 



10 


cant opportunity costs. If we are taking it away, we are taking it 
away from scientists, and giving it to the fulfillment of compliance. 

And people living with chronic kidney disease, with diabetes, 
with Alzheimer’s, all the things we work on, how can we tell them 
that we did not get them the cure, but we are compliant with regu- 
lations? I think that is tough to say. 

The opportunity costs over a billion dollars to be able to develop 
these medicines. Investors want protection, but they want protec- 
tion to make sure the science gets done. That is why they put the 
dollars in. 

They are not investing for dividends. They are not investing for 
revenue growth. They are investing to deliver these cures. And I 
think that is the most important focus. If we are not doing that, 
we are not doing our jobs. 

Mr. Fitzpatrick. So, what are you hearing from investors, per- 
haps your investors, about the cost of your entity to comply with 
Section 404? 

Mr. Hatfield. I just had a board meeting with our investors yes- 
terday, talked to them about coming here and talking to the sub- 
committee. And their direction to me — these are the investors 
speaking — was to go get rid of that regulatory burden because we 
want to get to science. 

The fact of the matter is that complying with Section 404(b) has 
been for years the number one discussion point in boards as we 
think about going public. That is the number one drain, the reason 
not to do it. Private companies’ CEOs feel that it is not worth it 
to go public, often because of the burden. And CEOs say we do not 
want to go — public CEOs say we should go private because it de- 
tracts from what we intend to do. 

Chairman Garrett. Thank you for your time. The gentleman 
yields back. Thank you. 

The gentlelady from California is recognized for 5 minutes. 

Ms. Waters. Mr. Chairman, I have a question for Mr. John 
Berlau. 

The Dodd-Frank Wall Street Reform Act permanently exempted 
companies with the public float of less than $75 million from Sar- 
banes-Oxley Section 404, which effectively exempted 60 percent of 
all public companies. 

In addition to that, Congress also passed the JOBS Act, which 
would exempt newly public companies. What additional percentage 
of companies would be exempt if the Fitzpatrick bill became law, 
and if the Congress keeps passing additional exemptions? Does 
Sarbanes-Oxley become meaningless at some point? 

Mr. Berlau. Congresswoman Waters, thank you for the ques- 
tion. And thank you for your support of the JOBS Act. 

Ms. Waters. You do not have to tell everybody. 

Mr. Berlau. Okay. 

[laughter], 

I do not know what percentage of — I can get back to you on that. 
I think Congressman Fitzpatrick’s bill is important because say 
there were a biotech company like Mr. Hatfield’s and all of a sud- 
den there were an FDA approval or a sign of good work or some- 
thing. 



11 


The company is taking in no new revenues or new profits. But 
its — a stock price could shoot up. And all of a sudden, even though 
the assets, the profits or the revenues have not changed, the com- 
pany could be classified as a large company. And then, it could 
have all these additional costs, and it is just trying to develop its 
product again and create jobs. So, I think that is why reclassifying 
what public float and market cap is, and using another measure, 
is important. 

Ms. Waters. Mr. Coffee, what do you say to that? 

Mr. Coffee. I would tell you we are talking right now about ba- 
sically taking 1,000 companies outside of the range of having Sec- 
tion 404(b) compliance. The SEC elaborately studied this a year 
ago, and the SEC reported that companies that are compliant with 
Section 404(b) have a rate of restatements that is 46 percent lower 
than the rate of companies that are not compliant. 

If you take 1,000 companies, and say there is a 46 percent dif- 
ference in the rate of restatements, that is an awful lot of fraud. 
And I think it is going to make investors quite nervous about that 
kind of change. 

Moreover, it is not just the 1,000 companies that are in this zone 
between $75 million and $250 million. The way the statute has 
been written, any company that has under $100 million in reve- 
nues, even though it might have a market cap or a public float of 
$690 million, would be exempt. 

So, I think you are giving a very large exemption, permanently, 
not for 5 years the way the JOBS Act does. And I think the SEC 
is right to say the case has not been made for that large an exemp- 
tion. 

Ms. Waters. Mr. Bullard, do you agree with Mr. Coffee’s anal- 
ysis of Mr. Fitzpatrick’s bill? 

Mr. Bullard. Yes, I do agree. But I would like to sort of bifur- 
cate it. There is the point about what should be the standards that 
should apply. And I agree with Professor Coffee that the standards 
should be the existing Section 404(b) standard. 

But I would also like to add that the current approach to exemp- 
tions is essentially not taking issue with the standards as applied 
by regulators; it is essentially saying there should not be a require- 
ment for management assessment or evaluation. There should not 
be any audit or attestation. 

The efficient way to approach this, especially for those who are 
interested in cost-benefit concerns, should be for regulators to de- 
cide what the right level is, not to grant wholesale exemptions that 
essentially make absolutely meaningless the idea of a public com- 
pany for regulatory purposes. 

The issue here really should be regulatory oversight. It should 
not be the very fundamental protections that I have not heard any 
particular objection to, that are in Section 404(b) itself. 

Ms. Waters. Thank you very much. 

Mr. Berlau, you had the first word on this. I have heard from 
Mr. Bullard and Mr. Coffee. Do you have a rebuttal? 

Mr. Berlau. Yes. I think that this lets investors decide how 
much internal controls are worth to them. And I think you are see- 
ing a lot of investor interest in Kayak, the travel site, and Five 



12 


Below, the discount teen retailer — I had to ask my intern what 
that was. 

And really one of the criticisms of the internal control require- 
ments is it has been defined as things like office keys, in some 
cases, or the number of letters in employee passwords; things that 
are not exactly relevant to good corporate governance and risk 
management. So, it is letting the public as investors decide how 
much these internal controls are worth, while still policing and pro- 
tecting from fraud. That’s what the JOBS Act and Mr. Fitzpatrick’s 
bill would do. 

Chairman Garrett. I thank the gentleman. And the gentlelady 
yields back. 

Mr. Schweikert is recognized for 5 minutes. 

Mr. Schweikert. Thank you, Mr. Chairman. 

First off, a fundamental issue, and I would love first an expla- 
nation from the panelists and tell me if you see something other 
than I do. I look at the aggregate data of the last decade. And yes, 
there has been some — a bit of a financial rollercoaster through 
there. 

But even when you adjust for 2008, what happened to IPOs, 
after the SOX mechanic, what happened to the U.S. IPO market, 
particularly in juxtaposition to what was happening in other places 
around the world? 

When I look at aggregate data today, there is literally one third 
fewer publicly traded companies today than there were a decade 
ago. So, this is one step off saying okay, the disclosures, the protec- 
tions that were designed in SOX may be absolutely appropriate 
and justified. 

Something happened in our U.S. capital markets. And first, I 
would like to start with the professor. What happened, and is there 
a linkage? 

Mr. Bullard. There are academics with more expertise on that. 
My survey at least is there are a lot of explanations. Probably the 
principal one is that other countries just got a lot better at attract- 
ing that kind of business, as they have with respect to a lot of 
areas of commerce. But I will leave it to Professor Coffee, who has 
a lot more expertise in this area. 

Mr. Schweikert. My friend to the left? 

Mr. Berlau. Yes. There — certainly there has been a long — the 
data shows there has been a long-term decline. There is disagree- 
ment about the causes although I would say the return of some 
after the JOBS Act would argue that Sarbanes-Oxley was a big 
cause of that. 

But there were fewer IPOs, for instance in 2006, a relatively 
good year for economic growth, an expansion year, than there were 
in 1991 when we were coming out of recession, fewer absolute 
numbers. There has been a debate in the economic literature that 
IPOs might actually be countercyclical. And that as debt is closed 
off people will issue more equity, so we do not have this tool to help 
us come out of the recession. 

Mr. Schweikert. Mr. Coffee? 

Mr. Coffee. Basically, and I do study IPOs, what issuers are 
looking for is not an IPO, but to raise capital by the least-costly 



13 


means. And beginning in the period of around 1998, private place- 
ment became a much cheaper means of raising capital. 

Mr. S CHWEIKERT. But doesn’t that make the point that private 
placement became less expensive than going public? And for some 
reason, going public got much more expensive in capital formation? 

Mr. Coffee. The first thing I would tell you is that public offer- 
ings became much more difficult after the Internet bubble burst. A 
tremendous amount of money was lost and people would not go 
back to the people who sold them Pets.com. Investors learned a 
very harsh lesson — 

Mr. Schweikert. But your comment is that the same investors 
then would go through private equity. 

Mr. Coffee. No. I am saying, first, private placement, which is 
often debt and sometimes equity became much cheaper and much 
easier to raise. 

Second, smaller issuers simply cannot do IPOs under any struc- 
ture because large institutional investors, who are the principal 
purchasers in public offerings, want high liquidity. What we are 
seeing is that to the extent we have public offerings today, they are 
in the $500 million range because that is what institutional inves- 
tors demand. 

I would suggest that things like — 

Mr. Schweikert. We can get back to that point, because in my 
minute-and-a-half, you may have hit on something I am heading 
for. 

Mr. Gallagher? 

Mr. Gallagher. Thank you, Congressman. 

As was said before, there are so many reasons. You cannot iso- 
late one specific reason for the change in IPOs during that period. 
It is very dynamic for multiple reasons including the availability of 
capital. 

But I would also say during that period between 2006-2007, the 
requirements and how Section 404(b) in particular was imple- 
mented after that time period have been much more efficient be- 
cause of some standard setting changes and the way the auditing 
profession and the way the companies are dealing with Section 
404(b). 

Mr. Schweikert. Ms. Hollein? 

Ms. Hollein. Yes. First of all, our membership is more than 50 
percent private companies. And there are a variety of reasons for 
the increased number of companies that are choosing to remain pri- 
vately owned rather than go public, partly because of the regu- 
latory reporting and the internal control requirements with which 
public companies must comply. But an additional difference would 
be in the tax treatment that has motivated many of these compa- 
nies to remain private. 

Mr. Schweikert. Okay. And you do understand — I do not know 
if you all were listening to each other. The cross-messaging we get 
is that Sarbanes-Oxley raised costs. It was the availability of cap- 
ital. But everyone moved over to private placements and — so the 
money was over here, but it was not over here so it could not have 
been choking off of capital because they found the money over here. 
We got a mixing of messages. 

What is the — 



14 


Chairman Garrett. Sorry. The gentleman’s time has expired. 

Mr. Schweikert. And we missed the punch line. Thank you, Mr. 
Chairman. 

Chairman Garrett. We will come back to the punch line. 

The gentleman from Massachusetts. 

Mr. Lynch. Thank you, Mr. Chairman. 

First of all, I want to thank all the witnesses. I want to espe- 
cially thank you for your thoughtful testimony. It has been varied, 
but I think in all cases it has been very astute and thoughtful. 

I would like to focus, Mr. Bullard, Mr. Coffee and Mr. Gallagher, 
on the proposal to rotate the auditors. Mr. Bullard, you have gone 
agnostic on this, I guess. But there are a couple of factors. 

One is it is rather arbitrary to say every 5 years, for instance, 
we are going to require a company to change auditors and bring 
in a new company. There are some cost factors with that. Obvi- 
ously if a company is auditing year-to-year, there is a certain effi- 
ciency that is gained by the familiarity with the way that company 
works. But there is the integrity factor that auditors are not being 
captured by the client. 

So, if you would, Mr. Bullard, Mr. Coffee, and especially Mr. Gal- 
lagher because of your position, I would like to have your thoughts 
on that, the cost and the efficacy of actually rotating auditors. 

Mr. Bullard. I will be very brief. My main concern was that 
Congress not prevent the PCAOB from finding the right solution. 
And a statutory prohibition would place into doubt whether the 
PCAOB could take an alternative approach such as having a pre- 
sumption that the audit relationship at the end after 10 years, and 
that the board had to do something to overcome that. Or that there 
would be some kind of mandatory disclosure or findings made by 
the board. 

If Congress acts in this respect, those alternative approaches 
come into question as to whether the PCAOB would have that au- 
thority. So, audits themselves, I think even the investor community 
has some ambivalence about whether this is the right way to go. 
But I see a great deal of thought given to this by the PCAOB. My 
main point would be to let the experts decide the question. 

Mr. Lynch. Very good. Thank you. 

Mr. Coffee? 

Mr. Coffee. I am going to give you a very equivocal answer after 
all that. I am not able to endorse the idea yet of mandatory rota- 
tion of the firm. We do rotate the auditing partner. And there are 
other countries that are now requiring mandatory firm rotation. I 
would like to see what their experience is. 

I do think this has to be given a thorough cost-benefit study. And 
I believe that the PCAOB — and I serve on one of its advisory 
boards — would not do this without a very thorough study because 
they will be subject to judicial review. So, I do not think this is 
about to happen. 

Mr. Lynch. Okay. Fair enough. Thank you. 

Mr. Gallagher? 

Mr. Gallagher. Congressman, my view is that audit committees 
are in a very good position to make a decision based on the specific 
facts and circumstances that exist at a particular company about 
how to select the auditor and mandatory firm rotation would limit 



15 


the audit committee’s ability to make that judgment. Who is in the 
best position, as opposed to a one-size-fits-all solution, I think is a 
better way to go in terms of quality. 

There has never been any linkage between tenure and negative 
impacts of audit quality. In fact, if anything, history tells us other- 
wise. 

But that said, I do agree with Mr. Bullard that I think this is 
appropriately dealt with at the PCAOB. I think the process has 
been a good one. And I think you wind up at the right answer. 

Mr. Lynch. Thank you. I have a minute-and-a-half left. 

Ms. Hollein, you mentioned in your testimony that you consid- 
ered that the crown jewel of Sarbanes-Oxley was the fact that we 
have the CEOs and CFOs sign off on financials after the first dis- 
trict’s decision that said that on a whistle-blower case, a nonpublic 
company would not be bound by allegation or attestations that they 
made. 

Do you think that we should also require nonpublic contractors 
to these companies to also be bound by the same penalties and pro- 
hibitions that we place on the CEOs and CFOs? In other words, if 
I hire a nonpublic accountant, they are not bound by the same re- 
strictions that we placed on those subject to Section 404, for exam- 
ple on Sarbanes-Oxley. Have you given any thought to that? I 
know that you sort of mention it in your remarks. 

Ms. Hollein. Yes. We do feel — just looking at it we actually 
studied more of the public company sectors of our membership 
more than the private companies related to the Whistleblower Act. 
We do feel, however, that the CFOs and CEOs having signed off 
on it has provided a more robust process within the terms. And 
this would also possibly benefit the private companies, although we 
would have to study that further to see what the burden would be 
on those individual companies. 

Mr. Lynch. Okay. Thank you. 

Thank you, Mr. Chairman. I yield back. 

Chairman Garrett. Thank you. The gentleman yields back. 

The gentleman from Texas, Mr. Hensarling, is recognized for 5 
minutes. 

Mr. Hensarling. Thank you, Mr. Chairman. 

Mr. Berlau, in your testimony, you advocate repeal of Section 404 
of Sarbanes-Oxley. You say essentially it does not meet the cost- 
benefit test. 

And I think, Mr. Coffee, you used the same phrase. I want to let 
you know how welcome the phrase “cost-benefit” is in this com- 
mittee room. We rarely hear it uttered. 

On the cost side, Mr. Berlau, I guess you allude to SEC data that 
cites an average cost of compliance with Section 404 of $2.3 million. 
I think, Mr. Hatfield, you said the average compliance for a biotech 
company was about $1 million. So, I am trying to focus somewhat 
on the cost side of the equation. 

There has been some discussion. I would like to study it a little 
bit more carefully. We know that there have certainly been fewer 
IPOs and that the IPOs we have had post-SOX have been larger. 
So, we can certainly have a debate about the cause and effect of 
that. 



16 


Mr. Berlau, you also refer to the fact that — I guess you quote 
Bernie Marcus, the co-founder of Home Depot, who apparently has 
been quoted publicly on a number of occasions saying that he never 
could have taken Home Depot public had Sarbanes-Oxley been in 
effect when Home Depot was launched. 

So, again, I am trying to isolate the various costs that we have, 
not just direct cost to the companies. But there is obviously an op- 
portunity cost for average retail investors who might have missed 
out on the next Home Depot. 

Can you elaborate on other costs that you see with respect to 
Sarbanes-Oxley? And particularly the cost of perhaps channeling 
some of these start-ups or emerging growth companies to private 
placements and debt as opposed to public equity? 

Mr. Berlau. Yes. I think this is what the Facebook IPO and the 
flaws in that, the after effects demonstrate that maybe it was just 
too big to succeed. 

When Home Depot went public in the pre-SOX era, it had just 
four stores to its name. It used the money from going public to 
build hundreds of stores and employ the 300,000 people it does 
now. Whereas, in contrast, when Facebook went public, it was al- 
ready a household name and some of these other things. And it 
was — and its IPO was $100 billion, and less than that as the share 
price has gone down. 

So I really think this shows how retail investors, ordinary inves- 
tors cannot get in on a Home Depot at its growth stages or a 
Starbucks or a Cisco Systems. It all went public when they were 
relatively small. 

And the good news is that already with the JOBS Act, with just 
the 5-year exemption, we are seeing companies like ClearSign 
Combustion, a green technology company out of Seattle that has a 
$20 million market cap IPO. I do not think we have seen one this 
small since before Sarbanes-Oxley. 

So, the SEC still says — although some costs have come down 
slightly — Section 404 is 7 times as costly for a smaller company as 
in a larger company, and for its investors as well. 

Mr. Hensarling. Mr. Bullard, in listening to your testimony, if 
I heard you properly, you did not find fault with Section 404. You 
found fault with the implementation of Section 404. And I thought 
I heard you say that you essentially believe that the regulators 
have it wrong and the cost could be much lower. Did I hear you 
properly? And if so, can you elaborate? 

Mr. Bullard. I did say the first part, but not necessarily the sec- 
ond. I think that the history shows that regulators have conceded 
they probably got it wrong with respect to the first implementation 
of Section 404(b), and that is essentially the audit standards issued 
by the PCAOB. 

Today, what we have seen is the SEC economists have found 
that there have been declining costs. The PCAOB has substantially 
revised the requirements under Audit Standard 5. And I think that 
is the appropriate way for this to proceed. I do not think anyone — 

Mr. Hensarling. If I could, I see my time is running out. I want 
to try to slip in one more question. 

Mr. Berlau quoted Professor Scott of Harvard Law School who 
says that it remains empirically unclear whether adherence to SOX 



17 


404 achieves its intended benefit. Mr. Gallagher, you spoke of some 
of the benefits that you perceive. But just how empirical are these 
benefits versus anecdotal? 

Mr. Gallagher. Congressman, I think if you look at the in- 
tended purpose of SOX in terms of financial reporting, and the fact 
that restatements went down after it worked itself through the sys- 
tem and the internal controls got significantly better, identified the 
issues that were there prior to the implementation. Restatements 
have gone down significantly, and I think that is a tribute to the 
benefits of SOX. 

Chairman Garrett. Thank you. 

Mrs. Maloney is recognized for 5 minutes. 

Mrs. Maloney. Thank you for calling this hearing. It is an im- 
portant one. And I thank all of the panelists here today. 

I truly do believe that markets run more on trust than on cap- 
ital. You see it all the time. And I believe we have to remember 
why Sarbanes-Oxley was created in the first place. It was to re- 
store trust. Some of our most respected companies that were rated 
AAA plus, crashed in 24 hours, wiping out jobs, wiping out pen- 
sions, 401(k)’s, devastating communities in which they were lo- 
cated. And it was a horror. 

And I got phone calls. I believe probably everybody on this panel 
did, calling upon us to restore confidence. And it was legal, a lot 
of things. It was legal to hide tremendous losses and lack of capital. 
So, in a bipartisan way, Sarbanes-Oxley was passed and put into 
law. 

I would like to ask Mr. Bullard and Mr. Coffee — and I have to 
mention that Mr. Coffee is from the great State of New York and 
teaches at one of our very important institutions. We welcome you 
today. Thank you for your service and for being here. 

But were we successful on our primary goal of restoring con- 
fidence? We would have done nothing if there had not been a crash. 
We would not have done it. We would not have moved. But there 
was a problem, an accounting scandal. So, we worked to address 
it. 

So, Mr. Coffee, since you are from my home State, if you would 
respond first, and then Mr. Bullard, from the great State of Mis- 
sissippi. I am so glad you are here. Thank you. 

Mr. Coffee. I agree with what you were saying. Investors pay 
a price based on how they perceive the risk and return. If they 
think the risk of fraud is high, they will pay a lower price. And 
thus, companies will find capital much more expensive. 

The number of IPOs has never recovered from the Internet bub- 
ble in 2000-2001. And there is also this large impact of Enron, 
WorldCom, and the series of accounting scandals. 

Did SOX thoroughly cure the problem? Probably not, but thor- 
oughly curing the problem would be extraordinarily expensive. So, 
SOX was a partial step in the right direction. 

The SEC studied this in response to Dodd-Frank, which they 
asked them to study what further exemptions should be done from 
Section 404. And they felt that Section 404(b) was working, and 
that giving a broader exemption would produce a lot more fraud. 
The case has not been made. 



18 


I am not in a better position than the SEC to disagree with 
them. There will be debates, continuing debates about the costs 
and benefits of Section 404. But you are quite right. It is intan- 
gible. Do investors trust companies? And I would say the series of 
scandals that we have seen recently, including the ongoing Libor 
scandal, makes them distrust not only companies, but the adequacy 
of regulatory oversight. 

Mrs. Maloney. Mr. Bullard? 

Mr. Bullard. I agree very much with Professor Coffee’s state- 
ments. And I would add that one of the issues, as Sarbanes-Oxley 
has matured over time, has not necessarily been problems with the 
statute in and of itself. 

We very rarely hear somebody criticizing SOX and then actually 
referring to the terms of the statute. What you see is criticism with 
respect to implementation. And as Chairman Garrett has been par- 
ticularly sensitive to, part of this is an issue of the SEC’s historic 
problems with doing cost-benefit analysis. 

But I think we need to recognize it is in a revolutionary period, 
hiring many more economists as we speak. And that what we need 
to keep sight of is the appropriate structure of administrative law 
as something can actually operate efficiently. And it cannot operate 
efficiently with micromanagement at the congressional level. We 
need the SEC to evolve as it has — as it currently is in the cost-ben- 
efit frontier. 

Mrs. Maloney. Very briefly, I would like to follow up on Pro- 
fessor Coffee’s statement on the SEC study, and I invite anyone to 
respond to it, that the amount now at $75 million exemption. And 
many of us in fact even had a bill at one point from $50 million 
exemption. 

Dodd-Frank had the $75 million at 60 percent — covered 60 per- 
cent of the companies in America. But the SEC study said that 
there was no reason to exempt anymore. If you could elaborate on 
that, or if anyone else would like to mention it. 

And as I understand it, the real cost is when you set up the in- 
frastructure and the reporting system. And once you have set that 
up, then the cost to the companies is not — 

Chairman Garrett. The gentlelady has 30 seconds left for an 
answer. 

Mrs. Maloney. Mr. Coffee? Do you want to respond? 

Mr. Coffee. I did not want to take all the time. I agree with 
what you are saying. The cost is front-loaded. The companies who 
would now be exempted have been complying with Section 404(b) 
for 5 years or more. And therefore, while they would like to have 
their costs reduced, they really are — these really are some costs. 
We are not talking about subjecting new companies to them. 

Chairman Garrett. Thank you. 

Mrs. Maloney. Thank you. 

Chairman Garrett. Mr. Royce is recognized for 5 minutes. 

Mr. Royce. I think Mr. Coffee has had some insights, some key 
insights, and I think over the years, some of these insights have 
been included in legislation. 

Your overarching idea of applying the penalty not to the share- 
holder, but to those officers, those directors who are culpable — you 
have written about this in the past. You have witnessed in the past 



19 


years over the subject. That is a key component of Sarbanes-Oxley. 
And that is one that I think is very effective in terms of those dis- 
incentives. 

The premise, however, and here is where we get into a question 
of cause and effect. We can readily agree that the dot-com bubbles 
and the malfeasance that has occurred in the market have had an 
impact against IPOs. But when we look at market share, and origi- 
nally the United States was the majority of IPOs, then we watch 
it go to 11.5 percent. Then we watch it go to 8.6 percent. 

And in the context of IPOs worldwide being rolled out in Europe 
and Asia, and our market share continues to fail to address amend- 
ments to the cost of Section 404(b), especially to those new compa- 
nies like Mr. Hatfield’s. And I want to ask him about this because 
if you look at the biotech industry, and I read his testimony and — 
their efforts, expertise, kidney disease, Alzheimer’s, how you get a 
cure for dementia. 

What is not seen in all of this is his thesis that money taken 
away during this on-ramp out there from that type of work and ap- 
plied to these kinds of costs, which is not a good fit, especially for 
a biotech company going public. Why can’t we look at amending the 
Act so that we still achieve your overarching goal, Professor Coffee, 
which is a very good one? 

But at least we begin to recognize that besides what you see in 
front of you there are these unseen costs in terms of his diabetes 
trials, which you know if there is a cure here we want this to come 
to market soon. That has to be weighed in the balance. And I think 
I would ask you about that. 

Mr. Coffee. I agree with what you are saying. But it leads me 
to believe that you do not want an all-or-nothing approach that 
says all companies of less than $250 million public float are ex- 
cluded. 

What I think you need, and the person missing from this table 
is the chairman of the PCAOB, in terms of are there more focused, 
more surgical ways of reducing these costs with smaller companies? 

Mr. Royce. Okay — 

Mr. Coffee. And that kind of focuses — 

Mr. Royce. But I have to let Mr. Hatfield talk for a minute, too. 

Mr. Hatfield, could you explain the conundrum here, succinctly? 

Mr. Hatfield. I will try that. But I support many of the provi- 
sions of SOX. I think investor protection is really important. The 
key issue is balance and cost-benefit for that. IPOs are down. And 
I can cite specific conversations amongst my colleagues in our 
boardroom that one of the primary reasons for that is bureaucratic 
burden that takes away from our mission. 

Mr. Royce. Talk about the IPOs in the biotech sector, because 
those numbers are impactful. 

Mr. Hatfield. It is terrible. That is one of the most important 
discussions that are going on in boardrooms, whether or not to take 
on that burden, whether to divert funds from investors into compli- 
ance. 

I think the great example of whether or not this really is an 
issue is what the JOBS Act has done. If I look now at the filings 
that have occurred since the JOBS Act was enacted — and thank 
you for that — Biotech ought to be 3 percent. It is 25 percent in the 



20 


filings now. So obviously, something was relieved, pressure on the 
system that now allows biotech companies that are trying to create 
these cures to actually access — 

Mr. Royce. And other CEOs in your field, what is their reaction 
to this legislation that we are discussing today in terms of further 
amending Sarbanes-Oxley? 

Mr. Hatfield. One of the comments that I got — I was talking to 
somebody who runs a public company. And he said, “Hey Jeff, what 
I regret about going public is I switched from leading the company 
to being chief compliance officer. And that really changed my life.” 
So, that is what I would like — balance is important, but right now, 
Section 404(b) for companies in the biotech industry is a large bur- 
den. 

Mr. Royce. Thank you. 

Mr. Chairman, thank you. 

Chairman Garrett. Right. Mr. Himes will have the last 5 min- 
utes. And then, in order to get more people in, we are going to go 
down to 3-minute questioning. 

Mr. Himes? 

Mr. Himes. Thank you, Mr. Chairman. 

And thank you to the panel. I have actually found this discussion 
incredibly interesting. And I think anyone listening to the panel 
would arrive at the conclusion that yes, regulation does impose 
costs on companies like Mr. Hatfield’s, costs that may or may not 
be wise, depending on whether they reduce the risk premium that 
investors would subtract from Mr. Hatfield’s business to invest in 
it. 

It is that simple. And I have not heard a single thing from this 
panel saying that SOX has not actually improved investor protec- 
tion. And yes, there are costs. 

My colleague Jeb Hensarling said that we do not engage in cost- 
benefit analysis as much as we should, and I could not agree more. 
And part of the problem is that we can quantify the costs that 
someone like Mr. Hatfield bears. 

We are in disagreement here. Mr. Berlau has $2.3 million. The 
SEC study says $600,000. We can quantify that. There are 3,500 
filers who have to pay Section 404 costs. But the benefit is a little 
harder to get at. And I want to explore that a little bit. 

Mr. Berlau, in your testimony, which I found colorful, and I ap- 
preciate that, by the way — 

Mr. Berlau. Thank you. 

Mr. Himes. Your opening metaphor here that we need to liberate 
to stimulate, that we should think of this as grass that is growing; 
one does not need to teach or subsidize grass to grow, rather re- 
move the rocks obstructing its growth and it will grow wide and 
tall. It makes me want to break out in song. 

[laughter], 

Mr. Berlau, is this the metaphor we should think about that you 
should frame this debate in? And let me ask you a specific ques- 
tion: Have you ever come across a blade of grass that borrowed 
money that had shareholders, or that could make a decision to 
commit fraud? 



21 


Mr. Berlau. I cannot take credit for that metaphor. That was 
my vice president, Wayne Crews, my boss. That is the way we look 
at all public policy. 

But yes, I think investors and entrepreneurs — it is sort of like a 
garden. And the question is, people come together and make dif- 
ferent arrangements. 

But it is the government’s role to prevent — to make sure that 
there is transparency, and there is not fraud. And it is up to the 
gardeners and all of the different people who take care of the — to 
come up with — 

Mr. Himes. My question was partly rhetorical. So, let me explore 
this question of cost -benefit. Thank you for the answer, though. It 
is hard to get your arms around what the benefits are because we 
are talking about crises averted. But I am struck by the fact that 
the numbers and the costs, and I do not in any way not take seri- 
ously how expensive a dollar is to a company like Mr. Hatfield’s. 
VCs, angel investors extract a very substantial price for that dollar. 

So, do not get me wrong on this. But the costs that we are talk- 
ing about in this cost-benefit analysis are always in the hundreds 
of thousands and millions of dollars. Mr. Berlau, you say $2.3 mil- 
lion. The SEC study says $600,000. What about the costs? 

Mr. Berlau, what was the peak market capitalization of 
WorldCom and Enron, those two companies? What was the peak 
market cap of those two companies? 

Mr. Berlau. Let me say first — 

Mr. Himes. No, a simple question. Please answer it. 

Mr. Berlau. I — 

Mr. Himes. The peak market cap of Enron and WorldCom was 
$250 billion combined, a quarter of a trillion dollars in value oblit- 
erated by fraud. 

Now, I am not going to make the argument — I will let the panel 
make the argument if they want — that SOX is perfect. But I do not 
need to. Because if I take the 3,500 filers of Section 404 and I use 
your number of $2 million, I get about $7 billion, a very — 

Mr. Berlau. That is the SEC’s number. I can send you the — 

Mr. Himes. Okay. Whatever. I will give you the $2 million. Let 
us just say $7 billion, because we have 3,500 filers. That is $7 bil- 
lion, expensive dollars — $250 billion in market cap obliterated in 
the meltdown which David Schweikert called a little financial 
rollercoaster, with $17 trillion in U.S. household wealth obliterated. 
So, can I take some fraction of those numbers and hold those 
against your $7 billion? 

Mr. Berlau. Sarbanes-Oxley was in effect before the meltdown 
and it did not seem to do much. The question is, will this achieve 
its intended benefit? And as Professor Scott of Harvard said, it is 
unclear that it does. 

Mr. Schweikert. And will the gentleman yield for a second? 

Mr. Himes. No. I am actually — I have 33 seconds, so I am not 
going to yield. 

Do you agree that I can take some fraction of the $250 billion 
of obliterated market cap of Enron and WorldCom and hold that 
on the opposite side of the scales of the $7 billion that SOX appar- 
ently costs us on Section 404? Is that a fair way to think about it? 



22 


Mr. Berlau. Only if you can show the provision actually affects 
that and prevents that type of — 

Mr. Himes. Do you believe that Section 404 — there are studies 
that show that it reduces the rate of restatement. Do you believe — 

Chairman Garrett. The gentleman’s time has expired. 

Mr. Himes. — that has no effect? 

Chairman Garrett. So, that will be a rhetorical question as well. 

[laughter]. 

The gentleman from New Mexico is recognized for 3 minutes. 

Mr. Schweikert. Mr. Chairman, quick parliamentary inquiry. 

Chairman Garrett. Yes? 

Mr. Schweikert. Sarcasm is banned from the committee. 

Chairman Garrett. From this point on. 

Mr. Schweikert. Thank you, sir. 

Chairman Garrett. The gentleman from New Mexico is recog- 
nized for 3 minutes. 

Mr. Pearce. I thank the gentleman for lowering the time to 3 
minutes just as I start. 

Mr. Coffee, you refer to an SEC study in justifying some of your 
positions about this. And so I guess my question is that this is the 
same SEC that was sitting in the room when MF Global was trans- 
ferring money out of segregated accounts, and you want us to sit 
up here as policymakers and just blithely take that. 

And with just 3 minutes, we will probably move on, but — if we 
will go ahead and look at MF Global, Sarbanes-Oxley was in effect. 
And wasn’t MF Global making trades just a day before the report 
period came out so that they would understate the amount of ac- 
tual debt they had in the actual — 

Mr. Coffee. You seem to be describing the Lehman Brothers 
scam, the repo — 

Mr. Pearce. No. I am talking about MF Global. I am talking 
about Jon Corzine. I am talking about Jon Corzine who came in 
here and testified. And yes, they were taking stuff off the balance 
sheets. And it is in place. And you are quoting the SEC — 

Mr. Coffee. I am certainly not defending MF Global. 

Mr. Pearce. I will tell you when it is your time to speak. You 
are trying to get — you are trying to say that the SEC is going to 
be the great protector. And I am telling you they sat in the room 
and watched MF Global take that money out of segregated ac- 
counts. They were watching them as they moved stuff on and off. 

Now, Mr. Berlau will tell you that I am not necessarily a great 
critic of Sarbanes-Oxley. But we are trying to find a balance point 
here. And when you come in and say, “the SEC, the SEC, the 
SEC,” and we watch from up here what the SEC has done under 
this law, and we watch what they did in the complete meltdown, 
the illegal transferring of assets out of segregated accounts. Then, 
I say that I am not sure the answer is regulation. 

Mr. Berlau, they have really brought up good points that the 
market is about trust. So, you cannot just walk away from that. 
You cannot walk away from the fact that trust is needed, and 
things do happen on balance sheets that cause a lack of trust. How 
do you, in your mind, rectify those two? 

Mr. Berlau. I would certainly agree with that. And before this — 
MF Global was such a basic failure of rules in place even before 



23 


Sarbanes-Oxley. For decades, it was the first rule of thumb that 
you— 

Mr. Pearce. I just need an answer. Just skip to it. We are really 
short of time. We have 15 seconds. So — 

Mr. Berlau. I am sorry. Can you repeat the question? 

Mr. Pearce. Yes, trust. How do you find it if you say we should 
repeal it? How do you find the trust in the market? How do you 
find the confidence because people have some more — Mr. Himes 
was asking a very good question. 

Mr. Berlau. Well — 

Chairman Garrett. Okay. I — 

Mr. Berlau. — they are to police fraud and reputation. Reputa- 
tion is a commodity. Like Warren Buffet, other CEOs have devel- 
oped. 

Mr. Pearce. Thank you, Mr. Chairman. I yield back. 

Chairman Garrett. I thank the gentleman from New Mexico. 

The gentlelady from New York, Ms. Hayworth, is recognized for 
3 minutes. 

Dr. Hayworth. And I thank the chairman. 

I am going to follow Mr. Himes’ query regarding the — and I real- 
ize it becomes — 

Chairman Garrett. The gentlelady will suspend. 

Can we set the clock for her 3 minutes? 

Dr. Hayworth. Oh. Thank you. 

Following on regarding — and acknowledging that it can be ex- 
ceedingly difficult, especially from the macro level, to calculate the 
relative costs and benefits, counterfactuals; obviously, we are all 
arguing different sides of this. 

But when we talk about the relative cost to the economy, Mr. 
Berlau, would you venture a guess as to the opportunity cost that 
has been lost as a result of certain more onerous aspects, shall we 
say, of Sarbanes-Oxley in having a chilling effect on the public of- 
fering marketplace? There must be a certain number of trillions in- 
volved in that as well or a certain fraction of trillions at least. 

Mr. Berlau. Two numbers are important. Ivy Zhang of the Uni- 
versity of Rochester published a paper in which she estimated, as 
you said, Congresswoman Hayworth, the opportunity costs of com- 
panies not listing other things of Sarbanes-Oxley as being as high 
as $1.4 trillion. 

I would also note in the IPO Taskforce organized by the Obama 
Treasury Department that they said that the cost of the long-term 
decline in IPOs in terms of jobs lost associated with that would be 
about — could be as high as 22 million jobs not created in the past — 
it the past decade or so. And it is — so a lot of the — yes, there are 
a lot of opportunity costs. And it is hard to measure. But what 
some of the — even some of the things that have been measured and 
shown is just quite chilling. 

Dr. Hayworth. So, it is fair to say that there is probably room 
for improvement. And I take Mr. Gallagher’s comments very seri- 
ously, and those of others on the panel, regarding the importance 
of having accuracy in the representation of financial statements. 
Obviously, that is a very important aspect. 

But, Mr. Hatfield, would you say as an entrepreneur that there 
is a balance that we can reach and that we can provide a certain 



24 


amount of liberations like Mr. Berlau says, but also allow for that 
investor assurance that Mr. Gallagher and Professor Coffee have 
advocated for? 

Mr. Hatfield. Absolutely. And as previously mentioned, I think 
there are very strong components of Sarbanes-Oxley that are im- 
portant. The overall transparency that it creates important Section 
404(a) with management responsibility increased impact if they are 
not. I think those are all very important. And I think where the 
balance comes in on the other side is Section 404(b) and the costs 
associated with that. 

Importantly, I would just say our investors, and that is what we 
are talking about here is protecting the investors. And I have heard 
from them directly and I know what this marketplace is, the 
biotech companies. The investors want to know about the science. 
Again, for 8 years now, we have not spent material time in the 
boardroom on historical financial reports. We are focused on driv- 
ing science and finding cures for people. 

Dr. Hayworth. As you should be. 

And Mr. Chairman, thank you all. I yield back. 

Chairman Garrett. The gentleman from California is given 10 
seconds for coming in so late. No, 3 minutes. 

Mr. Sherman. Okay. Or when we have to leave for votes, we 
have to leave for votes. 

I think there has been some confusion this morning about the 
distinction between Sarbanes-Oxley Sections 404(a) and 404(b). 
Why is the audit required under Section 404(b) important? I do not 
know which member of the panel? Mr. Coffee? 

Mr. Coffee. Yes. Did you address me? Okay. I think that Sec- 
tion 404(b) requires the auditor to attest to the adequacy of man- 
agement’s internal compliance efforts. Section 404(b) does seem to 
relate to the percentage of restatements that subject companies ex- 
perience. The SEC study did find that if you are compliant under 
Section 404(b), the rate of restatements goes down by something 
like 46 percent. That is not a small number. 

I agree we can debate costs and benefits for a long time. But 
what I would point out is that in the wake of Sarbanes-Oxley, a 
number of companies went private. More recent studies have found 
that even those companies who went private continued to remain 
reporting companies and to comply with Section 404(b) because 
debt investors insisted upon it. That suggests that debt investors 
saw some value in reporting and in Section 404(b). 

So, I do think that there is some value to this. And the SEC 
made many mistakes. But it was not MF Global because the prin- 
cipal regulator of MF Global was the CFTC. So, I want to give 
credit where credit is due. And that probably belongs to a different 
agency’s failure. 

Mr. Sherman. I will ask Mr. Gallagher to quickly respond, and 
then we have to go vote. 

Mr. Gallagher. Congressman, I think Professor Coffee is dead 
on. If you look at the numbers and the rigor of the internal control 
analysis by management, knowing that somebody is going to come 
in and provide that audit, and provides the assurance to the capital 
markets. And to Mr. Himes’s point, you know the benefit of the 



25 


cost of capital because of that assurance, because of that confidence 
in the higher level of rigor of that internal control analysis. 

Mr. Sherman. So, you would pay more to the accountants and 
you pay less to your bank. 

I yield back. 

Chairman Garrett. The gentleman yields back. 

Mr. Dold is recognized for 3 minutes. 

Mr. Dold. Thank you, Mr. Chairman, for the 3 minutes that we 
have. And I certainly want to thank all the panelists for coming. 

My colleague from Connecticut was talking about cost-benefit 
analysis, certainly something that I also agree with. I also want to 
talk — I do think this is largely about trust. 

But I do think that if we — in talking to a number of companies 
and talking to some public officials, some of the concerns that I 
have are not just about the lack of IPOs that have been coming, 
or lack thereof, into the marketplace. But we have actually seen 
companies de-list from U.S. exchanges to go to other exchanges, 
whether it be to Ireland or someplace else, because of this over- 
regulatory burden that is being placed upon these companies. And 
certainly, that is an enormous concern that I have. 

Now, we talked a little bit about the cost-benefit analysis, and 
certainly when we look at the cost of Enron. But I am not so sure. 
If we had had Sarbanes-Oxley, if SOX had been in place, Mr. Cof- 
fee, would Enron not have happened? 

Mr. Coffee. I cannot tell you that it would not have happened. 
And I think it is more likely than not that it would have happened. 

Mr. Dold. Okay. And I think that is the point. Good companies 
are going to do good things. Bad companies certainly are one of 
those things that we have to be looking out for. Trust is going to 
be one of those critical things. 

So, in terms of that cost-benefit analysis, I am not so sure that 
my colleague is 100 percent correct in saying all of that would have 
been saved; there would not have been fraud going on out there be- 
cause we have things like MF Global that happen. And certainly 
people are doing bad things and things which are against the law. 

And from my opinion, and I think hopefully somebody will be 
brought to justice. We are also seeing that again the cost of compli- 
ance is significantly more expensive as a percentage as Mr. Berlau 
had talked about for smaller companies and larger companies. 

In the last little bit of time that I have, one of the things that 
I do want to talk about is the mandatory rotation for audit terms. 
Does anybody really think that if somebody is intending on com- 
mitting fraud or hiding it, they are not going to hide it from the 
auditors as well? 

And if a Big Four accounting firm, let us just say, were to be 
caught up in an accounting fraud scandal, does anybody think that 
would not be devastating to that company? Would any other major 
Fortune 1000 company use that auditing firm again? Does anybody 
think that would not be a self-regulated type entity? 

Or do we think that the government needs to come in and man- 
date that no, you have to rotate? Is it 5 years? Is it 7 years? Is it 
10 years? Why not 15 years? What is the actual number? 

And what my real point is, is the government not weighing in a 
little bit too deeply here? Because certainly the auditing firms, they 



26 


absolutely want to make sure that they are following the letter of 
the law because that is going to be critical for their business model. 
Because if they are caught up in some sort of a scandal, if they do 
things wrong and the light is shone upon them, trust me, that is 
going to be devastating to that firm. 

Mr. Coffee, do you want to comment? And then, Mr. Bullard? 

Mr. Coffee. As I said earlier today, I was not endorsing manda- 
tory rotation of firms — 

Mr. Dold. I did not say — 

Mr. Coffee. — and I would point out — 

Mr. Dold. I am asking if you would comment on that quickly — 

Mr. Coffee. I would point out that if you rotate the auditor, that 
is an opportunity to capture the new auditor. I do not know that 
you will get a better, stronger auditor when you rotate, because if 
you are a corrupt CEO, you may go out and solicit the auditor who 
will be most acquiescent. So, I am not testifying that will be the 
perfect answer. 

Chairman Garrett. Mrs. Biggert, for 3 minutes or one question. 

Mrs. Biggert. Thank you. I will try one question, Mr. Chairman. 

Ms. Hollein, SOX attempted to improve companies’ internal con- 
trols and deter fraud. That said, are there comments since private 
sector initiatives, education efforts or better communication be- 
tween the PCAOB and audit committees that could be done instead 
of adding costly regulations? 

Ms. Hollein. Yes. I think as the private sector, we have actually 
stepped up. And we have been in collaboration with the Center for 
Audit Quality helping to educate. We have done a roadshow with 
all of our members throughout the Nation just helping to educate 
them on the deterrence and detection of fraud. And we will con- 
tinue to provide those types of opportunities and thought leader- 
ship to them. In addition, we are part of the COSO framework ad- 
dressing internal controls and actually refreshing that to detect 
fraud. 

Mrs. Biggert. Thank you very much, and I yield back. 

Chairman Garrett. Thanks. Since the gentlelady yields back, I 
will yield myself 3 minutes for the final word of the day. 

So, there are some things that are good with SOX and there are 
certainly some things that are terrible about it. And there are cer- 
tainly some things that were good about Dodd-Frank, and certainly 
some things that were terrible about it. I guess the ironic part of 
all this is that one of the best parts of Dodd-Frank was the repeal 
or the lowering of the limits — raising the limits for SOX. So, that 
is the irony there. 

Let us begin with Mr. Hatfield. When these crises occurred back 
like when Enron and WorldCom and all those things, Congress 
rushes in, tries to pass legislation to do it right away. One of those 
people — one of the Senators who helped pass SOX was Jon Corzine, 
who then went on to become CEO of MF Global. And so the ques- 
tion there is did having him in — having Sarbanes-Oxley in place, 
did that solve or prevent the losses over there? 

Mr. Hatfield. It would seem to be that they did not. I think reg- 
ulation has its purpose. But if we are to protect against every out- 
come and the bad actors that inevitably are going to be out there 
in some measure, we can increase regulation to the point where no 



27 


one will ever go public. And public companies, particularly those in 
the less than $250 million float range that Congressman 
Fitzpatrick has sponsored legislation on, those companies will go 
back to being private. And I think we need to establish the balance. 

Chairman Garrett. Right. And so just in line with that, and I 
know the other side of the aisle believes that Section 404(b), we 
have talked about that, is the answer to all these things. Without 
objection — I guess I will not get any objection — I will put into the 
record the attestation provision from the compliance with that for 
Lehman Brothers right before their bankruptcy, and also put into 
the attestation provision from JPMorgan right before their recent 
London Whale trade. 

I will also put into the record the attestation provision for Bear 
Stearns & Company right before their bailout. Also again, the at- 
testation provision with regard to MF Global right before Jon 
Corzine as CEO apparently transferred millions of dollars from in- 
vestors’ accounts, customers’ accounts. And also, the two attesta- 
tion provisions, one from Fannie Mae and one from Freddie Mac, 
right before each one of their bailouts in the past. 

Without objection, obviously it is clear that those attestations in 
compliance with SOX did nothing in all of those circumstances. 

Mr. Coffee, in your written testimony, and you just touched on 
it very briefly; you used the words “mature mediocrities.” There we 
go mediocrities. These are companies that have been in place for 
about 5 years or more and just sort of stayed about the same. 

And whereas we are saying that maybe the small companies, and 
I think you even said maybe need that growth pattern and the ex- 
emption to get up there that these do not. Is there something about 
companies that want to stay at that level that they do not deserve 
the same sort of exemption and abilities to continue to grow that 
the small companies do? 

Mr. Coffee. I think the differences between a brand new startup 
company that might use a 5-year transitional experience in order 
to comply with Federal securities laws. That is what the JOBS Act 
said. And I think that is a stronger rationale than saying a com- 
pany that has already been subject to Section 404(b) for at least 
5 years should get a complete immunity. 

And do they want to stay at that level? I assume that all compa- 
nies would like to get their market capitalization up and their 
stock price up. But we will see a certain amount of gaming if we 
use this rigid test of $250 million. 

The SEC has made that finding in its report that any time we 
use a rigid market cap test, we are likely to see a lot of gaming 
around that key line. And because there are more companies, there 
will be more gaming. 

Chairman Garrett. Right. And I guess we could see if you go 
back to what was the impetus behind Sarbanes-Oxley in the first 
place was not the small companies, was not the mid-size compa- 
nies; it was not even these mature mediocrity type companies. 

It was the huge companies. It was the Enron’s. It was the 
WorldCom’s. It was some of the other companies that were literally 
huge companies that initially was the trigger for Congress to do 
their typical knee-jerk reaction in these things and pass SOX. And 



28 


it was not these mid-size companies and was not the small compa- 
nies. 

And the last point, and Mr. Himes is not here, is the costs and 
the cost-benefit analysis, which is one of my driving home points. 
And there is really — this is a rhetorical point. While if we can pass 
legislation and try to do a cost -benefit analysis and say on the one 
hand is the expense, millions or billions of dollars. 

And on the other hand is the entire collapse of the world market- 
place. What you are never going to have a reason not to pass legis- 
lation to do so because you can never outweigh that. But what is 
intangible is — and a couple of you talked about this — the oppor- 
tunity costs. 

And the fact that we are seeing so many IPOs going overseas 
and not going over here — what is that expression: It is priceless. 

The businesses that are not in this country, the jobs that are not 
in this country, the families who have been dislocated because they 
cannot get a job anymore, the communities that have been deci- 
mated because they do not have jobs whether it is in manufac- 
turing, construction, biotech or the like. How do you put a price on 
that? 

That is called opportunity costs. I do not know. The economists 
probably cannot do it. But that would be the rhetorical question 
back to Mr. Himes. And that is the question that we have to grap- 
ple with in any legislation when we do a price-benefit analysis. 

But with that, I have to go vote, hopefully before the board 
closes. 

I ask unanimous consent to make a statement from the Institute 
of Internal Auditors a part of the record. 

Without objection, it is so ordered. 

Again, thanks so much to the panel for putting up with the ab- 
breviated portion here. But all your testimony has already been 
considered and will continue to be considered. I thank the panel. 

The Chair notes that some Members may have additional ques- 
tions for this panel, which they may wish to submit in writing. 
Without objection, the hearing record will remain open for 30 days 
for Members to submit written questions to these witnesses and to 
place their responses in the record. 

The hearing is now adjourned. 

[Whereupon, at 11:00 a.m., the hearing was adjourned.] 



APPENDIX 


July 26, 2012 


(29) 



30 



■ NGRESSMAN 


SCOTT GARRETT 

PRESS RELEASE 



FOR IMMEDIATE RELEASE Contact: Amy Smith 

July 26, 2012 Phone: 202-225-4465 

Garrett Opening Statement at Hearing Regarding the 10 th Anniversary of the 
Sarbanes-Oxley Act 

WASHINGTON, DC — Rep. Scott Garrett (R-NJ), Chairman of the Financial Services 
Subcommittee on Capital Markets and Government-Sponsored Enterprises, issued the following 
opening statement today at a hearing regarding the 10 th anniversary of the Sarbanes-Oxley Act: 

“Today’s hearing will examine the Sarbanes-Oxley corporate governance law, 10 years after it was 
signed into law. 

“Sarbanes-Oxley (SOX) was passed in 2002 in the wake of the accounting failures and frauds at 
Enron and WorldCom. While these scandals were terrible and many investors lost their life savings, 
Congress did what it normally does - pass a law claiming to have solved all of the problems and that 
it will never happen again. 

“Sound like a familiar story? It should. The passage of Sarbanes-Oxley no more solved all of the 
potential problems with financial reporting and corporate governance than Dodd-Frank did with 
Too-Big-To-Fail. What each law did is lay on another huge layer of cost on our economy and one- 
size-fits-all red tape over our small businesses and job creators. 

“My colleagues across the aisle claim that if we just pass one more law, add one more regulation, 
take away one more freedom; that all of the problems in our financial sector will go away, investors 
will only gain money and never lose and that there will be no more fraud or bad actors anymore. 
Unfortunately, this is just not true. 

“One of the most hotly contested provisions of Sarbanes-Oxley is 404b, the requirement that public 
companies have an outside, independent attestation of their internal controls. My friends on the 
other side and their investor group allies claim this is a vital and important requirement that adds 
immense protection for investors. 

“Well, I would like to enter into the record the following independent attestations for internal 
controls for the following companies: 

Lehman Brothers - right before their bankruptcy 
JP Morgan — right before their recent London Whale trade 
Bear Stearns Co. — right before their bailout 


31 


MF Global - right before Jon Corzine illegally transferred millions of customer funds into his own 
account 

Fannie Mae — right before their bailout, and 
Freddie Mac — right before theirs 

“404b didn’t prevent investors from losing any money with these firms. It didn’t even slow it 
down. I would like to thank the gentleman from Pennsylvania, Mr. Fitzpatrick, for his recently 
introduced legislation that would narrow the definition of an accelerated filer and exempt more 
small businesses from this onerous requirement, I commend him for his hard work. 

“I am not saying all of the parts of Sarbanes-Oxley are terrible or don’t have some benefit. Nor am 
I saying that of Dodd-Frank, but I do find it ironic that one of the best parts of Dodd-Frank is a 
provision added to exempt small businesses from Sarbanes-Oxley. 

“And, as difficult as Sarbanes-Oxley has been for small businesses to comply with, Dodd-Frank will 
seem like SOX. on steroids. Just the corporate governance provisions in Dodd-Frank: (Say-on-Pay, 
Proxy Access, Pay-Ratio, Claw back. Conflict Minerals, and Extractive Industries) will have a more 
negative impact on small public companies and job creators than the entire SOX legislation has had. 

“In the current economic environment where unemployment is chronically above 8% and our job 
creators face the very real threat of higher taxes and additional regulation, it is essential that we 
conduct appropriate oversight on all federal statutes regardless of whether they have been around 10 
years or 2 years. 

“I thank the witnesses for their participation today and look forward to their testimony.” 

### 



32 


OPENING STATEMENT 
CHAIRMAN BACHUS 

Subcommittee on Capital Markets and Government Sponsored Enterprises 
“The 10 th Anniversary of the Sarbanes-Oxley Act” 

July 26, 2012 


Thank you, Chairman Garrett, for convening this hearing to review the first 
decade of the Sarbanes-Oxley Act and its impact on the U.S. economy and the 
capital markets. 

When Congress passed the Sarbanes-Oxley Act in response to the accounting 
and corporate governance scandals at Enron, WorldCom and several other large 
corporations, it did so to promote greater transparency in financial reporting, 
increase accountability in boardrooms, protect investors, and promote sound 
corporate governance. While there are many good provisions in Sarbanes-Oxley 
that helped restore confidence in the U.S. capital markets, the costs associated with 
the law are significant. It is incumbent upon this Committee to continually assess 
whether the costs of this law - and any financial services law - exceed the benefits 
and whether changes are necessary to ensure that compliance costs do not 
disadvantage small companies. 

Several studies indicate that a majority of public companies believe the cost 
of complying with Sarbanes-Oxley exceeds the benefits in the first year. Moreover, 
at a time when fewer companies are going public in the United States, companies 
consistently identify Sarbanes-Oxley compliance as a deterrent to accessing the 
public markets. This Committee has already taken action through the JOBS Act to 
help remedy this situation, and we must be willing to take more action if necessary. 

There are also concerns about regulatory overreach brought about by 
Sarbanes-Oxley, particularly with the Public Company Accounting Oversight Board 
that was created by the Act. For example, the Board ignored the flexibility provided 
to it in the Dodd-Frank Act to scale its oversight of auditors of broker-dealers. 
Instead, the board imposed a one-size-fits-all exam program on all of these auditing 
firms. Moreover, there are some at the PCAOB who believe that public companies 
should be required to rotate their audit firms. Mandatory audit firm rotation is not 
sound policy and would increase both the cost of auditing and decrease audit 
quality. 



33 


In closing, I want to thank Congressman Fitzpatrick for introducing 
legislation to refine the SEC’s definition of a large accelerated filer. In this 
struggling economy, Congress should do everything it can to make it easier for 
small businesses to grow, create jobs and, ultimately, sell shares to the public. 
Congress should always be willing to consider proposals that foster the formation of 
capital or relieve some of the regulatory burdens that impede the formation of 
capital, the extension of credit and the creation of jobs. 

I thank our witnesses for appearing this morning and I yield back the 
balance of my time. 



34 


Statement 

Representative Gwen Moore 
House Financial Services Committee 
Subcommittee on Capital Markets 
Hearing entitled “The 10th Anniversary of the Sarhanes-Oxley Act" 
July 26, 2012' 


I want to begin by thanking the Chairman and Ranking Member for 
holding this hearing and to the witnesses for their testimony today. 

I hope to take advantage of this hearing to find opportunities to improve 
the Sarbanes-Oxley Act. 

Thank you and I look forward to hearing from our witnesses. 



35 





36 



Ten years ago, the US capital markets were roiled by revelations of 
financial wrongdoing at numerous major companies. The damage 
to investors, pensioners, communities and markets was historic. 
Corporate executives were jailed. One of the nation's largest 
companies and one of the largest audit firms went out of business. 
After hundreds of corporate earnings restatements, confidence in 
financial markets was shaken to the core. 


To restore public confidence in the reliability of financial reporting, the US Senate and House of Representatives passed the 
Sarbanes-Oxley Act of 2002, by votes of 99-0 and 423-3, respectively, sending it to President George W. Bush, who signed the 
reform measure into law on July 30. 2002. Since its enactment, the Sarbanes-Oxley Act, or SOX as it is often called, has been both 
heralded and maligned. Ernst & Young believes it is important to consider what the Act was actually designed to do and to revisit the 
significance of its impact. 

SOX was designed to enhance the reliability of financial reporting and to improve audit quality. At Ernst & Young, we believe it has done 
both; although, more work surely remains. SOX forged a new era for the US audit profession by ending over 100 years of self-regulation 
and establishing independent oversight of public company audits by the Public Company Accounting Oversight Board (PCAOB). 

SOX strengthened corporate governance, shifting responsibility for the external auditor relationship away from corporate management 
to independent audit committees. It instituted whistleblower programs, CEO and CFO certification requirements and stricter criminal 
penalties for wrongdoing, including lying to the auditor. These measures and others were geared toward improving the reliability of 
corporate financial reporting. 

Over the last 10 years, key elements of the Act have been replicated around the world, perhaps the purest form of flattery. Today, 
on the heels of the global financial crisis, many jurisdictions are looking anew at policy improvements similar to those instituted by SOX. 

To be sure, Sarbanes-Oxley has received its share of criticism over the years, the bulk of which has focused on Section 404 relating 
to internal controls over financial reporting. Such concerns have been addressed since the passage of SOX through a series of 
regulatory and legislative actions, including changes enacted earlier this year. 

At Ernst & Young, we believe history has shown, and will continue to show, that the Sarbanes-Oxley Act as a whole has afforded a substantial 
benefit to investors and US capital markets. We believe that one of the greatest successes of the Sarbanes-Oxley Act was to align the 
interests of auditors, independent audit committees and audit oversight authorities with those of shareholders. In our view, as the 
10th anniversary of the Sarbanes-Oxley Act approaches, the Act continues to provide a solid foundation from which to further this alignment. 

This document reviews the Act's key provisions, perspectives on some improvements engendered by SOX and opportunities for further 
enhancements to the financial reporting system. 

James S. Turley Steve Howe 

Global Chairman and CEO Americas Managing Partner and Managing Partner of the US Firm 




Principal components of the 
Sarfaanes-Qxley Act of 2002 


Established the PC-AOB, 
public company audit, pr 


provided the PCAOS 


Required lead audit. 




38 


Established independent 
oversight of public 
company audits 


Sarbanes-Ox ley's establishment of the PCAOB, which ended more 
than 100 years of self-regulation at the federal level by the public 
company audit profession, is perhaps the most fundamental change 
made by SOX. Today, it is the PCAOB, not the profession, which 
regulates audit firms, establishes auditing and ethics standards, 
conducts audit quality inspections for the purpose of identifying 
Issues related to audit quality, investigates allegations and disciplines 
auditors of public companies and broker-dealers. 1 

As of December 31, 2011, over 2,000 audit firms from more than 
80 countries were registered with the PCAOB. In 2011, it conducted 
inspections of 213 registered audit firms, and initiated an interim 
inspection program for broker-dealers. 2 The PCAOB's standard- 
setting initiatives and inspections have contributed significantly 
to improvements in audit quality and auditor independence - 
affording investors significant benefits. 


Standard setting 

The PCAOB has the authority to set standards governing how 
auditors conduct audits of public companies and broker-dealers; 
auditor ethics and independence; and an audit firm's system of 
quality control. From time to time, the PCAOB identifies potential 
areas to be addressed via standard setting, including review 
and analysis of information obtained from inspections as well as 
input received from its Standing Advisory Group, which includes 
representatives from investor groups, the audit profession and 
public company board members. 3 The PCAOB also seeks comment 
from and publicly engages with a variety of stakeholders throughout 
the year via the public comment process, roundtables and other 
means. Recent and current standard-setting projects include 
those related to the auditor's risk assessment process, auditor 
communications with audit committees and the nature and 
content of the auditor's report. 

In addition to standard setting, PCAOB staff issue practice alerts to 
draw auditors' attention to emerging issues or risks. Recent alerts 
have highlighted audit risks associated with the current economic 
environment and certain emerging markets. Ernst & Young 
believes the PCAOB's current standard-setting agenda has the 
potential to make significant additional contributions to audit quality. 


I Under Section 982 of the Dodd-Frank Wall Street Reform and Consumer Protection Act. 

the PCAOB now has authority over the auditors of broker-dealers. This publication focuses 

on the PCAOB's regulation of public company auditors, 


’ PCAOB Annual Report 20 H, available at i 


vpcaobus.org. 


3 See httpJ/pcaobus.org/Stamlartis/SAG/Pages/ciefautt.aspx 



39 


"While nobody likes to be inspected by 
their regulator, I truly believe that Ernst & Young 
and the entire profession will be better for it." 

James S. TUrley 

Global Chairman & CEO, Ernst & Young 
Testimony before the US Senate Committee on Banking, 

September 9, 2004 


Inspections 

The PCAOB’s inspection process is a significant element 
of its efforts to drive audit quality. Ernst & Young views 
the annual inspections as opportunities to further improve audit 
quality. The PCAOB inspects registered audit firms at intervals 
based on the number of public companies that the firm audits. 
Firms that perform annual audits of more than 100 issuers are 
inspected annually, while other firms are inspected at least 
every third year. The PCAOB uses a variety of factors to 
select the audits that it looks at for each audit firm it inspects, 
including its assessment of the risk that a public company's 
financial statements may contain a material misstatement. 

These inspections provide an independent review of audit quality 
that highlight opportunities for improvement within audit firms, 
both at the individual audit level and with respect to a firm’s system 
of quality control. Inspection results are used to identify areas 
in which additional audit guidance, training, practice reminders 
or enhanced skills may be needed, all of which enable audit 
professionals to improve their performance. 

As part of each inspection, the PCAOB prepares a report, part of 
which is made publicly available. The public portion of the report 
cites audits where the PCAOB believes the firm failed to obtain 
sufficient evidence to support its opinion. The non-public portion of 
the inspection report includes concerns raised during inspections 
related to a firm's system of quality control. If an audit firm does 
not address those concerns to the PCAOB's satisfaction within a 
one-year period, the PCAOB's concerns are publicly reported. 4 


Enforcement 

The PCAOB's enforcement staff actively investigates and sanctions 
individual auditors and audit firms for violations of laws, regulations 
and professional standards. The PCAOB's disciplinary powers include 
the authority to impose fines on individual auditors or the audit firm, 
revoke an audit firm's registration with the PCAOB (which would 
prevent it from performing audits of public companies and/or 
broker-dealers) and bar an individual auditor from association with 
registered audit firms. It also can punish firms and auditors that do 
not cooperate with PCAOB investigations and inspections and may 
refer matters to the SEC and other relevant authorities. The PCAOB 
publishes its settled and adjudicated disciplinary orders on its website 
to alert the public about the actions it has taken and against whom 
they have been taken. 


The Sarbanes-Oxley . 


' 2002, §104(gX2). 


40 



In a move that significantly strengthened corporate governance, 
Sarbanes-Oxley greatly expanded the responsibilities of audit 
committees. 5 SOX required the boards of companies listed on 
US stock exchanges to establish audit committees made up solely of 
board members independent from management. Because of SOX, 
audit committees, not management, are directly responsible 
for the appointment, compensation and oversight of the work of 
external auditors, who are charged with evaluating whether the 
financial statements prepared by management are fairly presented 
in accordance with the relevant financial reporting framework. 

With respect to the composition of the audit committee, SOX 
enhanced and codified changes the SEC and US stock exchanges 
had begun making in the late 1990s. In 1998, only about half of 
all public companies had fully independent audit committees (see 
table). Many audit committees were reconstituted in order to meet 
the new independence requirements outlined by the SEC and US 
stock exchanges in late 1999. 6 SOX went further and enhanced 
independence requirements to require for the first time that all listed 
company audit committee members be independent, meaning they 
could not be affiliated with the company or any subsidiaries, and did 
not directly or indirectly receive any compensation from the company 
other than in their capacity as members of the board. 



Evolving audit committee independence 
S&P 1500 companies 7 


While trie exchanges and the SEC began to make improvements at the end 
of the 1990s. SOX transformed the composition of audit committees. 

The new SOX audit committee independence rules became effective at 
companies' first annual shareholders meetings after January 15, 2004. 


SOX also encouraged audit committees to have at least one member 
who is a "financial expert" 8 to serve as a resource to help the audit 
committee carry out its duties. This puts the audit committee in 
a stronger position to review and challenge financial statements, 
determine whether internal controls are appropriate and sufficient 
and, if necessary, perform certain accounting actions to protect 
shareholder interests. Companies that do not have an audit 
committee member with financial expertise must disclose this in 
the annual proxy statement and explain the rationale for not having 
one. In 2003, only a small number of audit committee members 
were financial experts. Today, almost one-half of all audit committee 
members are identified through proxy statement disclosure as 
meeting the definition of a financial expert. 9 


5 Audit committees are made up of members of (he board of directors and oversee I he companies' 
accounting and financial reporting process. Securities Exchange Act §3(aX58). 

6 In 1999. the New York Stock Exchange, American Exchange, and NASDAQ approved rules to 

require that their listed companies have audit committees composed ol directors independent 
of management unless the board made a special determination that it was in the best interests 
of the company to have one audit committee member that was not independent. Each exchange 

had its own definition of "independent." In addition, the SEC issued a rule to require disclosure of 
whether the audit committee members of public companies were independent, as well as certain 

information about any non-independent members. 


7 Source: 2005 through present, Ernst 8 Young's corporate governance database; prior year data 

Investor Responsibility Research Center. Board Pradices/Soard Pay. 

0 Generally, a financial expert is a person who, through education and experience, has an 

understanding of and experience in applying generally accepted accounting principles and preparing 
financial statements, experience with internal controls and procedures for financial reporting, end 
an understanding of audit committee functions. SOX §407. 17cfr229,407(dX5Xii). 


Source: Ernst 8 Young's corporate govern 


: database, ! 


i SEC filings. 


41 


‘Prior to SOX, the process for the selection and 
assessment of the independent auditor 
pically was controlled by management ... 
mittees now play an essential role in our 
rate governance framework by overseeing 
and integrity of the company's financial s 


in our 


To facilitate its oversight of a company's financial reporting. SOX 
required companies to provide audit committees with the resources 
and authority to engage independent counsel and advisers to help 
them carry out their duties. SOX also required audit committees 
to establish procedures for receiving whistleblower complaints 
regarding accounting, auditing and internal control irregularities 
and to provide for the confidential and anonymous treatment 
of employee concerns regarding such matters. In addition, SOX 
enhanced the external auditor's required communications with the 
audit committee to include the following: 

* A discussion of all critical accounting policies and 
practices used by the company 

► All alternative accounting treatments that have been 
discussed with management, the ramifications of the use of 
alternative disclosures and accounting treatments and the 
accounting treatment preferred by the audit firm 

► Other material written communications between the 
auditor and management 


These reforms significantly empowered audit committees and 
they began to take a more active role to carry out their increased 
responsibilities. For example, audit committees for the S&P 500 
companies met on average five times a year in 2001. 10 The average 
number of annual meetings has nearly doubled to nine today. 11 
Audit committees also are exercising ownership of the relationship 
with the auditor. In a 2006 audit committee survey reported by 
the Center for Audit Quality, 90% of audit committee members 
surveyed said that "they work more closely with the independent 
auditor" post-SOX. 1 * As part of this increased focus, interaction and 
oversight, audit committees are asking the external auditor more 
probing questions and meeting with the audit firm's subject matter 
experts and senior leadership throughout the year, not just during 
formal meetings. Collectively, these reforms have contributed to 
significant enhancements in audit quality. 

To learn more about audit committee best practices, please visit 
www.ey.com/auditcommittee. 



Through the active support and 
audit committee networks acres 
than 200 audit committees and 


:es and leads nine 
s, who -chair more 
ipanies. 


tee performance 
es arid insights into 
ortunity for dialogue 


2001- 


, Ernst 8 Young's corporate governance database; prior year data. Investor Responsibility Research Center. I 
> and Compensation o( Boards of Directors at S8P Supra- 1500 Companies. 


11 Spencer Stuart 201 1 Board Index, http://content.speiKerslu3rt.Qom/sswebsite/pdl/lib/SS8l2011.smallOZ2ZlZ.pdf 




I Practices/Board Pay. 


12 Source: Center for Audit Quality, "Report < 


I Audit Committee Members," March 2008, htip:/A-rmvAhecaq.org/newsroorn/[xlfs/audits<jrvey.pdf 



42 


Enhanced transparency, 
executive accountability and 
investor protection 


One of the core elements of Sarbanes-Oxley was to clearly define 
and place responsibility for a company's financial statements with its 
chief executive officer and chief financial officer. SOX mandated that 
these executives certify the following items (among others) for each 
annual and quarterly report: 

► They have reviewed the report 

► Based on their knowledge, the financial information included in the 
report is fairly presented 

► Based on their knowledge, the report does not contain any untrue 
statement of material fact or omit a material fact that would make 
the financial statements misleading 

► They acknowledge their responsibility for establishing and 
maintaining internal controls over financial reporting and 
other disclosures 

► They have evaluated the effectiveness of these controls, presented 
their conclusion as to effectiveness and disclosed any material 
changes in the company’s controls 

By making management executives fully accountable for their 
companies' financial statements, Sarbanes-Oxley set a clear tone 
for corporate responsibility and helped restore investors' confidence 
in financial statements. To enhance the significance of these 
certifications, SOX mandated stiff penalties for executive officers 
who certify that financial reports comply with the various regulatory 
requirements while knowing that they do not. Such penalties include 
potential SEC enforcement action, forfeiture of bonuses and profits, 
or criminal penalties such as fines or imprisonment. 13 As a further 
step to help restore investor confidence in corporate financial 
statements, SOX required companies to have an auditor attest 
to the effectiveness of the company's internal controls over 
financial reporting. 


To supplement the financial relief available to victims of securities 
fraud, SOX also established the "Fair Funds" program at the SEC. 
This program allows the SEC to add monetary penalties paid by 
those who commit securities fraud to the funds available for 
distribution to wronged investors. 14 

In addition to requiring the chief executive and chief financial 
officers to certify that the financial statements are fairly presented 
in accordance with the relevant financial reporting framework, 
Sarbanes-Oxley established a number of important additional 
investor protections: 

► Public companies are now required to provide enhanced 
disclosures in annual and quarterly reports regarding 
material off-balance sheet transactions, arrangements 
and obligations 

► Public companies are required to report material changes 
in the financial condition or operations of the company 
on a rapid and current basis 

► Board members of public companies, officers and investors 
who own more than 10% of the shares of a public company 
must file reports specifying the number of shares bought or 
sold within two days of the transaction 

*• 8oard members and executive officers of public companies 
are prohibited from trading shares during a specific blackout 
period before and after earnings reports or when other 
material results are disclosed 


13 SOX §304 requires CEOs and CFOs to reimburse issuers for bonuses and profits on the safe 
ot the issuer's shares ovef the preceding 12 months if the Issuer restates its financial statements 

due to misconduct. Section 954 of the Dodd-Frank Act of 2010 requires companies to establish 

policies to recover incentive-based paY of any current or former executives awarded oyer the 

three years prior to a restatement, regardless of whether there was misconduct. The SEC has 14 Prior to SOX. these funds were paid to the US Treasury- 

net yet issued a rule to carry out this requirement. 


43 


A November 2009 study published by Audit Analytics 
found the rate of financial restatements was 46% 

higher for companies that did not comply with ai! of 

the Sarbanes-Oxley internal control provisions. 



:ro!s over financial reporting 


;sess how effective th 
could be materia! to 
effective systems of 


introls over financial 


iblic 
Foreign 
sand 
not - r 


includes whether there wen 


iinni 

mess, 

delayed 


i f and Section 
jisiation subse 
■ement for cer 


preparatii 


edited 

nsights 




44 


Enhanced auditor 
independence 


Sarbanes-Oxfey strengthened auditor independence and established 
certain types of non-audit services as off-limits to audit firms that 
provide auditing services to a public company. In addition, the 
company's independent audit committee must pre-approve any of the 
permissible non-audit services performed by the external auditor. 

To further enhance independence, SOX calls for the mandatory 
rotation of the lead engagement partner every five years, rather 
than seven years as had been required under prior professional 
standards, SOX also extended the five-year rotation requirement 
to the concurring audit partner . 15 During the rulemaking process 
following passage of Sarbanes-Oxley, the SEC further enhanced 
auditor independence by extending rotation requirements to other 
audit partners who have significant responsibilities on audits. 

These other audit partners are required to rotate off an engagement 
every seven years. 



15 "Concurring audit partner"{or "engagement quality reviewer" as defined in PCAOB standards) 

is a partner, independent of the audit team, whose role is to perform an objective review ot the 
significant judgments made by the audit team and the related conclusions reached in forming an 
opinion on the financial statements. Engagement quality reviewers must provide their approval 
prior to issuance ot an audit report. 


8 



45 


Looking ahead: 

the next 10 years 


As companies continue to operate in more volatile, dynamic and 
global market conditions, audits will become increasingly complex - 
and even more critical to investor confidence. For this reason, 

Ernst & Young strongly supports a broad spectrum of efforts to 
improve audit quality and strengthen corporate governance. 

For example, Ernst & Young supports enhancements to existing 
professional standards to strengthen the relevance, reliability and 
transparency of the audit process to investors. Some of the more 
significant recent efforts include the recently adopted standards 
related to the auditor's identification, assessment and response to 
the risks of material misstatement and engagement quality review. 
In addition, the PCAOB has a number of current initiatives that 
are intended to have a positive impact on audit quality, such as 
enhancements to the standards related to auditor communications 
with the audit committee, the auditor's reporting model, the 
auditor’s consideration of related parties and the evaluation of 
fair value measurements. 


At the global level, Ernst & Young expects to see increasing 
cooperation among audit regulators, many of which have been 
created since the passage of SOX. The International Forum of 
Independent Audit Regulators (IFIAR) was established in 2006 
and has a steadily growing membership roster (see graph below). 56 
The PCAOB is a member of IFIAR, which provides a forum for 
discussion of common concerns about and practices in audit firms. 
Ernst & Young supports measures to improve regulatory coordination 
across borders. 



Abu Dhabi 

Bulgaria 

Dubai 

Egypt 

Finland 

Greece 

Hungary 

Korea 

Lithuania 

Luxembourg 

Malaysia 

Malta 

Mauritius 

Poland 

Portugal 

Slovakia 
Sri Lank3 
Switzerland 

Taiwan 1 

Thailand 

Turkey 

USA (full member) 


§S&i>§| Original members 

Members that joined since 2006 ( Nate: Mexico is no longer represented in IF l AR. > 


16 See https://v/ww.iflnr.org/aboiilus/index.cfm 



46 


Withstanding the 

test of time 


While SOX put in place numerous improvements with respect to 
auditor oversight and independence, Ernst & Young believes that 
achieving and maintaining audit quality requires a process of 
continuous improvement. Auditors must always seek to improve in 
their work, given the dynamism and complexity of companies, global 
markets, financial products and the business environment. Fostering 
alignment through increased communication and transparency 
among auditors, audit committees and shareholders, as well as 
between audit committees and the PCA08, is critical to improving 
audit quality and maintaining investor confidence in the financial 
reporting system. For that reason, Ernst & Young has outlined 
support for a number of policy initiatives with regulators around 
the world, including the PCAOB, related to these topics, and has 
contributed suggestions to further their study. 17 


Moving forward, Ernst & Young reaffirms its commitment to 
build upon the foundation established by SOX by working with 
the PCAOB, independent audit committees and shareholders. 
As the 10th anniversary of the Sarbanes-Oxiey Act of 2002 
approaches, we encourage a closer iook at its provisions and 
impact, which we believe will stand the test of time. 


17 for more information on the policy initiatives that Ernst 8 Young supports, 
please see http://pc2obus.Org/Rules/Rutemaking/Docket037/063_l:Y.pdf and 
http://pcaobus.org/Rules/Rulemaking/Docket037/ps_Hawe.p<lf 


10 






48 


Key features of 

The Sarbanes-Oxley 
Act of 2002 


On July 25, 2002, Congress passed the Sarbanes-Oxley Act of 2002 by 
a vote of 423-3 in the House, and 99-0 in the Senate. On July 30, 2002, 
President George W. Bush signed the measure into law (PL 107-204). 

The following is an outline of the major requirements of the Act, broken 
into five sections: (1) consequences for issuers: (2) audit committee 
requirements; (3) board and corporate officer requirements: (4) audit firm 
requirements: and <5) the major amendments to SOX since its enactment. 

1. issuers 

The Act has the following consequences for issuers: 

L Issuers are subject to the Act: The Act defines "issuer" as any 
company whose securities are registered, whether the issuer is 
domiciled in the United States or elsewhere, and any company 
required to file reports under §15(d) of the Securities Exchange 
Act of 1934 (§2). 

2. Issuers must establish audit committees: The Act effectively 
requires all listed companies, whether US or non-US, to have fully 
independent audit committees (Title II generally). 

3. The PCAOB can compel testimony and audit work papers related to 
an issuer: The PCAOB may require testimony or the production of 
documents or information in the possession of any registered audit 
firm or "associated person" of the firm relevant to an investigation. 
The PCAOB may also "request" documents and testimony from other 
persons, including issuers. If necessary, the PCAOB may request that 
the SEC issue a subpoena to assist it in its investigation (§105). 

4. Issuers will be held responsible for associating with suspended or 
barred auditors: The Act prohibits an issuer from employing a person 
who has been suspended or barred from associating with any audit 
firm (§105). 

5. Issuers are required to fund the PCAOB's and FASB's operations: 

The Act authorizes the PCAOB to fund itself by requiring issuers to 
pay an "annual accounting support fee." Issuers also are responsible 
for funding FASB (§108 and §109). 


6. An issuer may not engage its auditor for nine specifically listed 
categories of non-audit services: The Act statutorily prohibits 
specifically listed categories of non-audit services from being offered 
by audit firms to their public audit clients (§201). 

7. An issuer's audit committee must pre-approve all audit and 
non-audit services: Before an auditor can provide audit services 

or any non-audit service to a public audit client, the audit committee 
of the client must approve (§202). 

8. Issuers must disclose approvals of non-audit services: Audit 
committee approvals of non-audit services must be disclosed 
in SEC periodic reports (§202). 

9. Issuers must wait one year before hiring an audit engagement team 
member to be CEO, CFO, CAO or equivalent: The Act provides that 
an audit firm may not provide audit services for a public company 

if that company's chief executive officer, controller, chief financial 
officer, chief accounting officer, or other individual serving in an 
equivalent position, was employed by the audit firm and worked on 
the company's audit during the one year before the start of the audit 
services (§206). 

10. Issuers must provide audit committees with adequate funding: 

Issuers must provide appropriate funding, as determined by the audit 
committee, for payment of compensation to the auditor and any 
advisers employed by the audit committee (§301). 

1 1. Issuers must disclose off-balance sheet transactions: The SEC issued 
rules requiring that annual and quarterly financial reports disclose all 
material off-balance sheet transactions, arrangements, obligations, 
and other relationships of the issuer that may have a material current 
or future effect on the financial condition of the issuer (§401). 

12. Issuers must reconcile pro forma information with GAAP and 
not omit information that otherwise makes financial disclosures 
misleading: The SEC issued rules providing that pro forma financial 
information disclosures must reconcile with GAAP and not be 
misleading (§401). 


12 



49 


13. Issuers may not extend loans to board members or corporate 
officers: The Act makes it unlawful for an issuer to extend a loan to a 
board member or executive officer that is not made in the ordinary 
course of business of the issuer, and is not of a type generally made 
available to the public and on market terms (§402). 

14. Issuers must disclose transactions involving management and 
principal stockholders: Section 16 of the Securities Exchange Act 
of 1934 was amended to require that changes in equity ownership 
by board members, officers and 10% stockholders must be reported 
within two business days after the day of the transaction. These 
"Section 16 filings" must be filed electronically and posted on the 
company's website (§403). 

15. Issuers must make annual internal control reports: Issuers must 
make reports that (1) state the responsibility of management 
for establishing and maintaining an adequate internal control 
structure and procedures for financial reporting, and (2) contain 
an assessment as of the end of the most recent fiscal year of the 
effectiveness of the internal control structure procedures of the 
issuer for financial reporting. The auditor must attest to, and report 
on, management's assertion (§404). 

16. Issuers must disclose whether they have adopted codes of ethics 
for their senior officers: The SEC issued rules requiring companies 
to disclose whether they have adopted codes of ethics for senior 
officers. If not, issuers must explain their rationale for failing to 
do so (§406). 

17. Issuers must disclose the existence of a "financial expert” on the 
audit committee: The SEC issued rules requiring issuers to disclose 
whether or not (and if not, reasons therefore) the audit committee 
has at least one member who is a "financial expert" (§407). 


18. Issuers must disciose information about “material changes" on a real 
time basis: Public companies must disclose in plain English and “on 

a rapid and current basis” additional information regarding materia! 
changes in their financial conditions or operations (§409). 

19. The Act creates criminal penalties for obstruction of justice by 
destruction of documents: The Act creates criminal penalties for 
obstruction of federal agency or other official proceedings by 
destruction of records. The Act provides for up to 20 years in jail for 
knowingly destroying or creating evidence with intent to obstruct a 
federal investigation or matter in bankruptcy (§802 and §1102). 

20. The Act changes bankruptcy law regarding obligations incurred in 
violation of securities laws: The Act amends the federal bankruptcy 
code so that obligations arising from securities iaw violations cannot 
be discharged in bankruptcy (§803). 

21. The Act creates longer statutes of limitations for securities fraud 
cases: The Act lengthens the statute of limitations for private federal 
securities fraud lawsuits from one year after the date of discovery of 
the facts constituting the violation and three years after the fraud to 
two years from discovery and five years after the fraud (§804). 

22. The Act creates "whistleblower" protections for employees of 
issuers: The Act provides whistleblower protection to employees of 
publicly traded companies when they disclose information or assist in 
detecting and stopping fraud (§806 and §1107). 

23. The Act creates criminal penalties for defrauding shareholders 
of publicly traded companies: The Act provides that anyone who 
"knowingly" defrauds shareholders of publicly traded companies may 
be subject to fines and imprisonment of up to 25 years (§807). 

24. The Act enhances penalties for white collar crime: The Act increases 
jail time for conspiracy, mail and wire fraud, violations of ERISA, 
Exchange Act violations and retaliation against informants 
(§902, §903, §904, §1106 and §1107). 


13 



50 


H. Audit Committees 

The Act requires that audit committees: 

25. Pre-approve ail audit and non-audit services: The Act provides that 
both auditing and non-audit services must be pre-approved by the 
audit committee. The Act makes it "unlawful" for audit firms to 
perform nine specifically listed categories of non-audit services 
for their public audit clients. The Act specifically indicates that the 
performance of any other non-audit service by an audit firm for a 
public audit client is not prohibited, provided such services are 
"pre-approved" by the client's audit committee (§201, §202). 

26. Have the ability to delegate pre-approval authority: The pre-approval 
of non-audit services may be delegated to a member of the audit 
committee. The decisions of any audit committee member to whom 
pre-approval authority is delegated must be presented to the full 
audit committee at its next scheduled meeting (§202). 

27. Receive regular reports from the auditor on accounting treatments: 
An auditor must report to the audit committee on the critical 
accounting policies and practices to be used, all alternative 
treatments of financial information within GAAP that have been 
discussed with management, including the ramifications of the use 
of such alternative treatments, and the treatment preferred by the 
auditor; any accounting disagreements between the auditor and 
management; and other material written communications between 
the auditor and management (such as any management letter and 
schedule of unadjusted differences) (§204). 

28. Be responsible for oversight of the auditor: The Act provides that 
auditors shall report to and be overseen by the audit committee of a 
client, not management. The audit committee is "directly responsible 
for the appointment, compensation, and oversight" of the auditor's 
work (§301). 

29. Be independent of the issuer: Audit committee members must be 
independent. In order to be considered "independent," an audit 
committee member may not accept any consulting, advisory or other 
compensatory fees from the issuer or be an "affiliated person” of the 
issuer or a subsidiary thereof (§301). 

30. Establish complaint procedures: Audit committees must establish 
procedures for receiving and treating complaints regarding 
accounting and auditing matters, including complaints from those 
who wish to remain anonymous (§301). 

31. Be given authority to engage advisers: Audit committees must "have 
the authority to engage independent counsel and other advisers, as 
it determines necessary, to carry out its duties” (§301). 


32. Receive corporate attorneys' reports of evidence of a materia! 
violation of securities laws or breaches of fiduciary duty: The SEC 
established rules for attorneys appearing before it that require them 
to report evidence of a material violation of securities laws or breach 
of fiduciary duty or similar violation by the company to the chief iega! 
counsel or the CEO. If management does not appropriately respond 
to the evidence, the attorney must report the evidence to the audit 
committee (§307). 

iii. Boards of directors/Corporate officers 

The Act imposes the following requirements on boards of 

directors and corporate officers: 

33. The board of directors must either form an audit committee or take 
on such responsibilities: The Act requires boards of directors to either 
form an audit committee or otherwise take on the responsibilities of 
one (§2). 

34. CEO and CFO must certify financial reports: An issuer's CEO and CFO 
must certify that periodic reports filed with the SEC are materially 
correct: that financial statements and disclosures "fairly present" the 
company's operations and financial condition in all material respects; 
and that they are responsible for evaluating and maintaining internal 
controls, have designed such controls to ensure that material 
information related to the issuer and its consolidated subsidiaries 

is made known to such officials and others within such entities, 
have evaluated the effectiveness as of a date within 90 days prior 
to the report, and have presented in their report their conclusions 
about the effectiveness of their interna! controls. Further, they shall 
certify that they have disclosed to the auditor and audit committee 
all "significant deficiencies" in the design or operation of internal 
controls, including any material weaknesses, and any fraud, whether 
or not material, that involved management or other employees who 
have a significant role in the issuer's internal controls (§302). 

A separate criminal provision requires the signing officer to certify 
that each periodic report containing financial statements complies 
with securities laws and that the information in such report fairly 
presents, in all material respects, the financial condition and results 
of operations of the company. Failure to do so is a criminal felony, 
punishable by up to ten years in jail. A willful violation is punishable 
by a fine up to US$5 million and/or imprisonment of up to 20 years 
(§906). 

35. Officers, directors and others are prohibited from fraudulently 
misleading their auditors: The Act prohibits "any officer or director 
of an issuer" and persons "acting under the direction thereof" from 
taking any action to fraudulently influence, coerce, manipulate or 
mislead any accountant engaged in preparing an audit report, for the 
purpose of rendering the audit report misleading (§303). 


14 



51 


36. CEO/CFO must disgorge bonuses and profits after restatements due 
to misconduct: CEOs and CFOs must forfeit bonuses, incentive-based 
compensation and profits on stock sales if the issuer is required to 
issue a restatement due to misconduct (§304). 

37. The SEC can bar "unfit" officers and directors: The Act gives the SEC 
authority to bring administrative proceedings to ter persons who are 
found to be "unfit” from serving as officers or directors of publicly 
traded companies. (Note: Under prior law, the SEC had to go to court 
to obtain such a bar, and the standard was "substantial unfitness/') 
(§305 and §1105). 

38. Officers and directors are prohibited from trading during pension 
"blackout" periods: The Act prohibits corporate officers and directors 
from trading company securities during a pension fund "blackout" 
period (§306). 

39. The CEO and chief legal counsel must receive corporate attorneys’ 
reports of evidence of a material violation of securities laws or 
breaches of fiduciary duty: The SEC established rules for attorneys 
appearing before it that require them to report evidence of a material 
violation of securities iaws or breach of fiduciary duty or similar 
violation by the company to the chief legal counsel or the CEO. if 
management does not appropriately respond to the evidence, the 
attorney must report the evidence to the audit committee (§307). 

40. The Act gives the SEC authority to temporarily freeze the pay of 
corporate officers: The Act gives the SEC authority to temporarily 
freeze the pay of corporate officers pending an investigation of 
securities fraud (§1103). 

IV. Audit firms 

The Act’s regulatory board provisions require audit firms to: 

41. Be subject to oversight by a new accounting oversight board: 

The Act established the PCAOB, which has broad powers over the 
profession. The PCAOB has five full-time members, appointed 
for staggered five-year terms. Two (and no more than two) of the 
members must be or have been CPAs. The SEC appoints PCAOB 
members (after consultation with other agencies) (§101). 

42. Register with the PCAOB: Audit firms that perform audits of public 
companies must register with the PCAOB. The registration form 
requires firms to disclose: the names of audit clients: annual fees 
received from each issuer for "audit services, other accounting 
services, and non-audit services;" a statement of the firm's quality 
control policies; a list of all the firm's auditors, and licensing 
information; information relating to criminal, civil, or administrative 
actions or disciplinary proceedings pending against the firm or 
associated persons in connection with any audit report; copies of 


any SEC reports disclosing accounting disagreements between the 
firm and an issuer in connection with an audit report; any additional 
information the PCAOB specifies as necessary or appropriate in the 
public interest or for the protection of investors; consent to cooperate 
in and comply with any testimony or document production request 
made by the PCAOB; and an agreement to secure and enforce similar 
consents from "associated persons" of the firm (§102). 

43. Submit periodic reports: Audit firms must submit annual updates 
of their registration to the PCAOB (more frequently if the PCAOB 
determines it necessary) (§102). 

44. Pay fees to the PCAOB; Audit firms must pay registration fees 
and annual fees to the PCAOB to cover the costs of processing 
applications and annual reports (§102). 

45. Comply with auditing and other professional standards: The Act 
requires the PCAOB to establish, or adopt by rule, "auditing and 
related attestation standards," as well as "ethics standards" to be 
used by audit firms in the preparation and issuance of audit reports. 
The Act indicates that the PCAOB may adopt standards proposed by 
"professional groups of accountants" (§103). 

46. Comply with quality control standards: The Act requires the 
PCAOB to issue standards for audit firms' quality controls, including: 
monitoring of ethics and independence, internal and external 
consulting on audit issues, audit supervision, hiring, development 
and advancement of audit personnel, client acceptance and 
continuance, and internal inspections (§103). 

47. Submit to quality control inspections: The PCAOB must regularly 
inspect audit firms' audit operations (annually for large firms) to 
assess the degree of compliance by those firms with the Act, the 
rules of the PCAOB, the firm's own quality control policies, and 
professional standards relating to audits of public companies (§104). 

48. Subject foreign firms to PCA08 regulation: Foreign audit firms that 
"prepare or furnish" an audit report with respect to US registrants 
must register with the PCAOB and are treated the same as US audit 
firms for purposes of the Act (§106). 

49. Secure the consent of foreign firms to PCAOB requests for 
documents if a domestic firm relies on its opinion: A domestic audit 
firm that relies upon the opinion of a foreign audit firm must "secure" 
the foreign firm's agreement to supply audit work papers to the 
PCAOB (§106). 


15 



52 


The Act's legal and disciplinary provisions have the following 

consequences for audit firms: 

50. Investigations and disciplinary actions: The PCAOB investigates 
potential violations of the Act, its rules, related provisions of the 
securities laws (and the rules) and professional accounting and 
conduct standards (§105). 

51. Testimony and document production requests: The PCAOB may 
require testimony or the production of documents or information 
in the possession of any audit firm, "associated person,” or any 
other person (including any client of an audit firm) if relevant to an 
investigation. All confidential information received by the PCAOB 
under the authority provided in §105 may be furnished to the SEC 
and appropriate federal functional regulators (§105). 

52. PCAOB sanctions, including suspension: The PCAOB may impose 
sanctions for non-cooperation or violations, including revocation or 
suspension of an audit firm’s registration, suspension from auditing 
public companies, and imposition of civil penalties (§105). 

53. State and federal prosecution after referral from the PCAOB: 

The PCAOB may refer investigations to the SEC, or with the SECS 
approval to the Department of Justice, state attorneys general, 
or state boards of accountancy, if such disclosure is "necessary to 
accomplish the purposes of the Act or to protect investors" (§105). 

54. Sanctions for failure to supervise: The PCAOB may also impose 
sanctions upon an audit firm or its supervisory personnel for failure 
reasonably to supervise a partner or employee (§105). 

55. Members of the audit engagement team must wait one year 


The Act's internal procedure provisions require audit firms to: 

58. Retain documents: Pursuant to SOX, the PCAOB issued standards 
compelling audit firms to maintain for seven years “audit work 
papers, and other information related to an audit report, in sufficient 
detail to support the conclusions reached in such a report" (§103). 

59. Submit audits to second partner reviews: The PCAOB issued 
standards requiring audit firms to have second partner review and 
approval of each public company audit report (§103). 

60. Rotate audit partners every five years: An audit firm must rotate its 
lead partner and its review partner on audits so that neither role is 
performed by the same accountant for more than five consecutive 
years (§203). 

With respect to their public clients, the Act requires audit 

firms to: 

61 . Comply with PCAOB issued internal controls testing standards: 

The PCAOB issued standards requiring an auditor's report on its 
"findings" with respect to the audit client's internal control structure 
and the auditor's "evaluation" of whether the internal control 
structure and procedures "include a maintenance of records that in 
reasonable detail accurately and fairly reflect the transactions and 
dispositions of the assets of the issuer: provide reasonable assurance 
that transactions are recorded as necessary to permit preparation 

of financial statements in accordance with [GAAP], and that receipts 
and expenditures of the issuer are being made only in accordance 
with authorizations of management and directors of the issuers” 
(§103). 


before accepting employment as an audit client's CEO, CFO, CAO 
or equivalent: The Act provides that an audit firm may not provide 
audit services for a public company if that company's chief executive 
officer, controller, chief financial officer, chief accounting officer, or 
other individual serving in an equivalent position, was employed by 
the audit firm and worked on the company's audit during the one 
year before the start of the audit services (§206). 

56. Criminal penalties for destruction of corporate audit records: 

The Act creates a felony for the willful failure to maintain "all audit 
or review work papers" for five years. Pursuant to SOX, the SEC 
promulgated a rule on the retention of other audit records (paper 
and electronic) in addition to actual work papers (§802). 

57. Longer statutes of limitations for securities fraud cases: The Act 
lengthens the statute of limitations for securities fraud from one year 
after the date of discovery of the facts constituting the violation and 
three years after the fraud to two years from discovery and five years 
after the fraud (§804). 


62. Attest to management's representations on internal controls: 

The Act requires management to assess and make representations 
regarding the quality of internal controls and requires audit firms to 
attest to and report on management's assessment (§404). 

63. Cease offering certain non-audit services to public audit clients: The 
Act statutorily prohibits a number of non-audit services from being 
offered to public audit clients (§201). 

64. Obtain audit committee preapproval for services: Before an audit firm 
can provide audit or non-audit services to a public audit client, the 
audit committee of the client must approve (§202). 

65. Regularly report to audit committees on accounting treatments: 

Audit firms must report to the audit committee on the critical 
accounting policies and practices to be used, all alternative 
treatments of financial information within GAAP that have been 
discussed with management officials, the ramifications of the use 
of such alternative treatments, and the treatment preferred by the 
auditor; any accounting disagreements between the audit firm and 
management and other material written communications between 
the audit firm and management (§204). 

66. Be responsible to the audit committee, not management: The Act 
provides that audit firms shall report to and be overseen by the audit 
committee of a company being audited, not management (§301). 


16 



53 


V. Amendments to the Sarbanes-Oxley Act 

Housing and Economic Recovery Act of 2008: 

67. Ail confidential information received by the PCAOB under the 
authority provided in §105 may be furnished to the Director of 
the Federal Housing Finance Agency, at the discretion of the SEC 
(§1161). 

Dodd-Frank Act of 2010: 

68. Exempted ail public companies classified as "non-acceferated filers" 
by the SEC from complying with §404(b) of the Sarbanes-Oxley Act 
(§989G). 

69. Expanded the requirement of domestic audit firms to secure a 
foreign firm's audit work papers. Also required appointment of an 
agent for service of process in the US (§929J). 

70. Authorized monetary awards to whistleblowers providing the SEC 
with information that leads to a successful enforcement action. 
Confidential information supplied to the SEC by a whistleblower 
may be furnished to the appropriate regulatory authority, the 
Attorney General of the United States, the PCAOB and others, 

at the discretion of the SEC (§922). 

71. Expanded the authority of the PCAOB to oversee the audits of 
registered brokers and dealers, as defined by the Securities 
Exchange Act of 1934 (§982). 

72. Civil money penalties for securities laws violations may be used to 
benefit victims without obtaining disgorgement from the defendant, 
as was previously required under the Sarbanes-Oxley Act (§929B). 

73. Expanded the definition of "person associated with an [audit] firm" 
to include persons "formerly associated with an [audit] firm" for 
purposes of investigative and enforcement authority (§929F). 

74. Authorized the PCAOB to provide foreign auditor oversight 
authorities with all confidential information received by an audit 
firm under the PCAOB's §104 inspection or §105 investigation 
authority, at the discretion of the PCAOB and pursuant to certain 
qualifications (§981). 


JOBS Act of 2012: 

75. Exempted ail companies defined within the Act as Emerging Growth 
Companies from complying with §404(b) of the Sarbanes-Oxley Act 
(§103). 

76. Exempted all companies defined in the Act as Emerging Growth 
Companies from complying with any new accounting standard until 
such date that private companies must comply, if such standard 
applies to private companies at all (§102). 

77. Exempted all companies defined within the Act as Emerging 
Growth Companies from complying with any PCAOB rules requiring 
mandatory firm rotation or auditor discussion and analysis (§104). 

78. Exempted all companies defined within the Act as Emerging Growth 
Companies from complying with other new auditing standards 
unless the SEC determines that the application of such standard is 
"necessary or appropriate in the public interest, after considering 
the protection of investors and whether the action will promote 
efficiency, competition, and capital formation" (§104). 


17 



54 


Contact: 

Les Brorsen 
Americas Vice Chair 
Office of Public Policy 
+1 202 327 5968 
les. brorsen @ey.com 


Ernst & Young 

Assurance | Tax | Transactions | Advisory 


About Ernst & Young 

Ernst & Young is a global loader m assurance, tax. 
transaction and advisory services. Worldwide, cur 
1 52,000 people are united by our shared values and 
an unwavering commitment to quality. We make a 
difference by helping our people, our clients and our 
wider communities achieve their potential. 

Ernst & Young refers to the global organization of 
member firms of Ernst & Young Global Limited, each of 
which is a separate legal entity. Ernst & Young Globa! 
l imited, a UK company limited by guarantee, does not 
provide services to clients, for more information about 
our organization, please visit www.ey.com. 

Ernst & Young LLP is a client-serving member firm of 
Ernst 8. Ybung Global Limited operating in the US. 

@ 2012 Ernst & Young LLP. 

All Rights Reserved. 

SCORE No. JJ0003 


£fns» & Young is committed to minimizing Us Impact on 
^ the environment. Tnis oocument has been printed using 
recycled paper. 


this publication contains information In summary form and is therefore . 
intended lor general guidance only. It does not consM ute legal advice 
and should not be relied upon as a substitute for legal advice, nor 
is it mtended to be a substitute lor detailed research or the eierc<se 
of professional judgment. Neither Ernst & Young LIP nor any other 
member of the global Ernst S Young organization can accept any 
responsibility for loss occasioned to any person acting or retraining 
from action as a result of any material in this publication. On any 
specific matter, reference should be made to the appropriate advisor, 
including an attorney in the event of any guestions about any 
appf*ab:« taw or regulation. 

ED None 



55 



Competitive 

Enterprise 

Institute 


STATEMENT BY 
JOHN BERLAU 

SENIOR FELLOW, FINANCE AND ACCESS TO CAPITAL 
COMPETITIVE ENTERPRISE INSTITUTE 
BEFORE THE 

HOUSE COMMITTEE ON FINANCIAL SERVICES 

SUBCOMMITTEE ON CAPITAL MARKETS AND 
GOVERNMENT SPONSORED ENTERPRISES 

“The 10th Anniversary of the Sarbanes-Oxley Act” 

Washington, DC 

July 26, 2012 


Chairman Garrett, Ranking Member Waters, and honorable members of this subcommittee, 
thank you for this opportunity to present testimony on behalf of my organization, the 
Competitive Enterprise Institute. 

My organization, the Competitive Enterprise Institute, is a Washington-based free-market think 
tank that since its founding in 1984 has studied the effects of all types of regulations on job 
growth and economic well-being. As we have said before, we follow the regulatory state from 
"economy to ecology," and propose ideas to "regulate the regulators" and hold them 
accountable so that innovation and job growth can flourish in all sectors. 



56 


Our theme on job growth has been "liberate to stimulate," because as our Vice President 
Wayne Crews has observed, one doesn't need to teach - or subsidize — grass to grow. Rather, 
remove the rocks obstructing its growth, and it will grow wide and tall. And this law called SOX 
is definitely one of the biggest "rocks." 

This hearing marks the occasion of the tenth anniversary of the passage and signing of SOX, the 
Sarbanes-Oxley Act of 2002, and I must confess that on past anniversaries of this law, I had not 
found much to celebrate. 

I had looked at the cost burden of just one section of this law, the "internal control" mandates 
of Section 404, originally estimated by the Securities and Exchange Commission to cost a public 
company an average of $92,000 per year. The SEC has recently said that this burden is more like 
an average of $2.3 million per year. And the worst part is that the SEC has found that the cost 
burden for smaller companies is still more than seven times greater that than that imposed on 
large firms relative to their assets. 

I had listened to Home Depot co-founder Bernie Marcus say several times that he and his 
partner could not have taken Home Depot public had SOX been in effect in 1981. Mr. Marcus 
has stated this belief to many interviewers, including radio Host Hugh Hewitt and FOX News' 
Greta VanSusteren. And I heard him state his belief that if the company had not raised this 
initial capital by going public back then, he and his partner could not have built it into the 
powerhouse chain it is today, serving so many satisfied customers and employing more than 
300,000 workers. 

I had compared Home Depot's size when it went public in 1981 - just four stores in the chain - 
to that of Facebook's ill-fated initial public offering - $100 billion in market capitalization - as 
well as that of recent IPOs of Groupon and Linkedln that had market caps exceeding $1 billion. 
This is part of a post -SOX trend of both fewer U.S. IPOs - in no year since SOX passed has the 
number of IPOs approached that of the early '90s recession years, let alone the late '90s boom 
years - and much larger IPOs, According to President Obama's Council on Jobs and 
Competitiveness, "the share of IPOs that were smaller [in market capitalization] than $50 
million fell from 80 percent in the 1990s to 20 percent in the 2000s," 

The reduced number of IPOs was making it that much harder to climb out of the economic hole. 
As the President's Job Council noted, "the data clearly shows that job growth accelerates when 
companies go public." As the council and others have noted, 90 percent of a public company's 
job creation occurs after it goes public. Directly fingering SOX, the council observed: "Well- 
intentioned regulations aimed at protecting the public from the misrepresentations of a small 
number of large companies have unintentionally placed significant burdens on the large 



57 


number of smaller companies. As a result, fewer high-growth entrepreneurial companies are 
going public." 

Companies waiting until they were almost as big as Facebook before they went public also 
meant that ordinary investors would lose out on opportunities, as they had with Flome Depot 
and countless firms in the '80s of 90s, of buying into emerging companies at their growth stages 
and growing wealthy along with the firms. 

And as an advocate for investors as well as entrepreneurs, I observed with deep sadness the 
implosions of many companies fully subject to SOX rules - such as Lehman Brothers and MF 
Global. The trivial minutiae that SOX had companies and their accountants document - at such 
high cost to legitimate companies - seemed to do little to prevent massive mismanagement or 
outright fraud at troubled firms. As Hal Scott, Nomura Professor of International Financial 
Systems at Harvard Law School, has written, despite SOX 404's "high costs, it remains 
empirically unclear whether adherence to SOX 404 achieves its intended benefit: reduced 
incidence of fraud or opaque or aggressive accounting practices by public companies." 

So up until a few months ago, I and many entrepreneurs and investors were not exactly in a 
mood for celebration in looking forward to SOX's big 10. But then this House, the Senate, and 
President Obama pleasantly surprised me with a powerful first step towards SOX reform and 
relief. In April, President Obama signed, after it overwhelmingly passed this House and this 
subcommittee, the Jumpstart Our Business Startups (JOBS) Act. 

Among other things, the JOBS Act creates a five-year "on-ramp" for firms going public that have 
market caps of less than $1 billion and annual revenues of less than $700 million in which they 
are exempt from the Sarbanes-Oxley internal control mandates, costly provisions of Dodd-Frank 
that specifically apply to public companies, and other burdensome regulations. And this 
provision, which went into effect immediately after the legislation was enacted, is already 
paying dividends to entrepreneurs, investors and the economy as a whole. 

We know that in the mere three months since passage of the law, at least 46 emerging-growth f 
firms have taken advantage of this JOBS Act provision in planned IPOs. I have attached the 
names of these companies in an appendix to this testimony. What's even more remarkable, and 
convincing evidence of SOX's true burden to smaller firms, is the size of these IPOs. For 
instance, ClearSign Combustion, a respected Seattle-based green technology firm, launched an 
IPO under the JOBS Act on-ramp in late April with a market cap of just $12 million. I don't 
believe we have had IPOs this small since before SOX went into effect. 

The JOBS Act is a big improvement, but there is so much more that can be done to nurture job 
growth and innovation at small and large public companies and to lift barrier^ to more firms 
going public. The Fostering Innovation Act (H.R. 6161), would provide a needed supplement to 



58 


the regulatory relief in the JOBS Act. By making sure that midsize companies aren't misclassified 
by the SEC as large due to a sudden spike in their share prices, the bill would help ensure that 
these job-creating firms have time to grow. 

We also need to eventually get rid of Section 404 and other onerous SOX provisions for all 
public companies. If these rules aren't providing benefits to investors and the public that 
exceed their costs, there is no reason why any firm should be weighed down by these 
provisions when resources now devoted to compliance could be used to expand and create 
jobs. As Mallory Factor, serial entrepreneur and professor of international politics and 
American government at The Citadel, has put it, "This is capital that could be invested in 
infrastructure improvements, job creation, and innovative technologies or research and 
development." 


But all in all, with the JOBS Act passage, there is reason to celebrate SOX's birthday this year, 
and I and thousands of investors and entrepreneurs who are little less burdened by this law are 
ready to break out the birthday cake and champagne. So thank you again for inviting me to 
testify and additional thanks to nearly all the members of this subcommittee who supported 
the JOBS Act. I am happy to answer any questions you may have. 



The Competitive Enterprise Institute 
1899 L Street NW, Floor 12 
Washington, DC 20036 
202-331-1010 



59 


Appendix 


List of emerging-growth companies already utilizing Sarbanes- 
Oxley relief from the Jumpstart Our Business Startup Act 


July 2012: 

Gigamon LLC 

Delek Logistics Partners, LP 
Hi-Crush Partners LP 
Audeo Oncology, Inc. 

Performant Financial Corp 
Globelmmune INC 
MPLX LP 

June 2012: 

Natural Grocers by Vitamin Cottage, Inc. (NGVC) 

Qualys, Inc. 
iWatt Inc 

May 2012: 

Kythera Biopharmaceuticals Inc. 

Shutterstock 

OncoMed Pharmaceuticals 
Legal zoom 

April 2012: 

Southcross Energy Partners, LP 

"Emerging Growth Companies" that filed public registration statements prior to enactment of 
the JOBS Act but after December 8, 2011 and thus amended their registration statement to 
take advantage of the retroactivity of the law: 

April 1-15, 2012: 

FiveBelow 

Stemline Therapeutics 

Hyperion 

Palo Alto 

March. 2012: 



60 


Service NOW 
Reval Holdings 
ADMA Biologies 
Globus Medical 
Tesaro, Inc. 

Durata Therapeutics 
Ginkgo Residential Trust 
Exponential Interactive 
American Oil & Gas 
Fender Musical Instruments Corp 

Feb 2012: 

E20pen 

Diamondback Energy 

EQT Midstream Partners, LP 

Quicksilver Production Partners 

Jan 2012: 

Tria Beauty Inc 

Del Frisco's Restaurant Group 

China Auto Rental Holdings Inc 

Audience Inc 

Splunk Inc 

Pacific Coast Oil Trust 

Infoblox Inc 

Extend Health Inc 

UTE Energy Upstream Holdings LLC 

Dec 2011: 

Cancer Genetics, Inc. 

GoGo Inc. 

Avast Software 
Coskata, Inc. 

*Cantor Entertainment filed public S-l in Dec and withdrew it after enactment of the JOBS Act 
in order to take advantage of confidential filing 



61 


Testimony of Mercer E. Bullard 

President and Founder 
Fund Democracy, Inc. 

and 

Jessie D. Puckett, Jr., Lecturer and 
Associate Professor of Law 
University of Mississippi School of Law 

before the 

Subcommittee on Capital Markets and 
Government Sponsored Enterprises 

Committee on Financial Services 

United States House of Representatives 

on 

The 10 th Anniversary of the Sarbanes-Oxley Act 


July 26, 2012 



62 


Chairman Garrett, Ranking Member Waters, members of the Subcommittee, 
thank you for the opportunity to appear before you today on the occasion of the 10 th 
anniversary of the Sarbanes-Oxley Act, It is an honor and a privilege to appear 
before the Subcommittee today. 

I am the Founder and President of Fund Democracy, a nonprofit investor 
advocacy group, and a Jessie D. Puckett, Jr., Lecturer and Associate Professor of Law 
at the University of Mississippi School of Law, I am also a Vice President of the 
financial planning firm, Plancorp LLC; a member of the CFP Board's Public Policy 
Council; and an Accredited Investment Fiduciary, 1 was formerly a member of the 
SEC’s Investor Advisory Committee and chaired its Investor as Purchaser 
Subcommittee; an Assistant Chief Counsel in the SEC's Division of Investment 
Management; and an attorney in the securities practice of Wiimer, Cutler & 
Pickering (now WilmerHale). 

This testimony is based on my general experience over a number of years as 
an investor advocate, journalist, academic, regulator, financial planner, private 
practitioner and expert witness and consultant. I have been engaged in securities 
regulation issues from a variety of perspectives and attempt to provide testimony 
that reflects the interests of investors, diverse views of various constituents, and the 
practical exigencies of real-world legal practice and compliance. 

1. Introduction and Summary 

The primary focus of the Sarbanes-Oxley Act of 2002 ("SOXA") reflects the 
accumulation of corporate accounting scandals that was its primary impetus. 1 First, 
the Act includes a wide range of provisions that are designed to ensure the 

1 See, e.g., S. Rep. No. 107-205, at 23 (2002] ("Senate Report"} ("Defects in procedures for monitoring 
financial results and controls have been blamed for recent corporate failures."); H. Rep. No. 107-414, 
at 18 - 19 (2002) ("House Report") ("The Committee's hearing on the Enron matter, the collapse of 
Global Crossing LLC, and the operations of the Nation's capital markets ail indicated that reforms 
were necessary both for the regulators and the regulated”). 


2 



63 


reliability of financial information provided by public companies. Second, the Act 
includes numerous provisions that are specifically designed to hold corporate 
executives, directors, and public auditors to the highest standards of integrity. 
Together, these provisions aim to enhance the reliability of financial reporting and 
hold CEOs, CFOs, directors, and public auditors who engage in financial fraud 
accountable for their actions. 2 


It would be a mistake, however, to explain the Act simply as a reaction to the 
scandals de jour. While corporate accounting scandals may have created the tipping 
point for action, many of the Act’s provisions reflected long-debated policies. 3 The 
scandals gave the problems that the Act is designed to address a more concrete face 
and solidified broad-based support. Nor could the Act could not be said to reflect 
partisan lawmaking. Of 525 votes cast in the House and Senate, only three opposed 
the Act. The President's statement issued at the signing of the Act was unequivocally 
positive. 4 

Although parts of the Sarbanes-Oxley Act have been the subject of criticism - 
Section 404 in particular — it also has enjoyed broad support among investor 
advocates, public companies and auditing firms. Some parts of SOXA have been 
quite successful, but some parts could be improved. Due to the size of the Act and 


2 See Remarks by President Bush at the signing of the Sarbanes-Oxley Act of 2002 (July 30, 2002] 
(“President's Remarks") (“This law says to shareholders that the financial information you received 
from a company will be true and reliable, for those who deliberately sign their names to deception 
will be punished."]; Senate Report, supra at 2 (the Act "requires steps to enhance the direct 
responsibilities of senior corporate management for financial reporting and for the quality of 
financial disclosures made by public companies”]; House Report, supra at 16 (the Act “will protect 
investors by improving the accuracy and reliability corporate disclosures made pursuant to the 
securities laws. The bill achieves this goal through increased supervision of accountants that audit 
public companies, strengthened corporate responsibility, increased transparency of corporate 
financial statements, and protections for employee access to retirement accounts."). 

3 See, e.g„ The Numbers Game, Remarks by Arthur Levitt, Chairman, SEC, before the NYU Center for 
Law and Business, New York, NY (Sep. 28, 1998) available at 
http://sec.gov/news/speech/speecharchive/1998/spch220.txL 

4 See President's Remarks, supra. 


3 



64 


time constraints, this testimony discusses only a few of SOXA's provisions in any 
detail, in addition to the Fostering Innovation Act. The primary points in this 
discussion are as follows: 


• The bifurcation of public companies between those that are subject to SOXA 
Section 404’s broad internal control provisions and those that are not 
compromises the quality and reliability of public company accounting, and 
undermines investor confidence 5 and the integrity of the markets. The costs 
of compliance results not from Section 404, but from its implementation by 
regulators who are in the best position to evaluate costs and make 
appropriate adjustments. In my view, the Fostering Innovation Act would 
exacerbate these problems. The details of Section 404 implementation 
should be left to the expert regulators based on their weighing of the costs 
and benefits for issuers and investors. 

• SOXA’s whistleblower provisions have been substantially undermined by a 
First Circuit holding that they do not protect employees of nonpublic 
companies, even if the whistleblowing relates to a public company’s 
compliance. Congress should amend SOXA Section 806 to clarify that public 
companies cannot evade whistleblower protections simply by retaining 
nonpublic companies for accounting and other compliance-related services. 

• Section 403 of SOXA has substantially mitigated executive compensation 
abuses by requiring that executives report transactions in company 
securities within two business days. This provision has been particularly 
effective in preventing fraudulent backdating of stock options. However, 
empirical research shows that such backdating continues to be a problem 
because a large percentage of executives are violating the two-day reporting 
requirement. Enhanced enforcement and penalties should be considered to 
ensure compliance with this requirement. 


In addition, 1 have briefly addressed below a series of issues for which time 
constraints have not permitted fuller discussion. 

• Public PCAOB Proce edi ngs : Section 105 of SOXA permits PCAOB proceedings 
to be public only if the PCAOB finds good cause and both sides consent, 
which, as a practical matter, ensures that these proceedings will never be 
made public. Secret proceedings improperly deny the public, including 
issuers' audit committees, material information regarding auditors, and 


5 See Jeffry Love, Sarbanes-Oxley: A Survey of Investor Opinions, AARP and Knowledge Network [2007) 
f'AARP Investor Survey ”) (SOXA has made more than half of surveyed investors more confident in the 
information they received from companies). 


4 



65 


increase auditors’ incentives to litigate actions. 6 PCAOB enforcement 
proceedings should be public, just as SEC proceedings have been for 25 years. 
1 urge Congress to amend SOXA to require that PCAOB proceedings be public 
except by order of the Board. 7 

* Auditor R otatio n: A mandatory auditor rotation requirement was considered 
during the debates leading to SOXA but not enacted. 8 This proposal continues 
to have significant potential for improving auditor independence, especially 
in view of the decades-long tenure that some auditors have with their clients, 
notwithstanding that there would be undeniably material costs. 9 Although 
some have proposed to preempt the PCAOB by prohibiting an auditor 
rotation requirement, 10 in my view this issue is not ripe or appropriate for 
legislative action. 11 The PCAOB has been very sensitive to rotation concerns 
and is undertaking a careful re-evaluation of auditor term limits 12 that, when 
completed, should be afforded the deference due an expert regulator. 


6 See Hearing before the Subcommittee on Capital markets and Government-Sponsored Enterprises, 
U.S. House of Representatives (Mar. 28, 2012) (testimony of James Doty, Chairman, PCAOB ("Doty 
Testimony “) available at http://pcaobus.org/News/Speech/Pages/03282012_DotyTestimony.aspx; 
Statement of Claudius Modesti, Director of Enforcement, PCAOB, before the New York State Society of 
CPAs', New York, NY (Sep. 28, 2010) available at 

http://pcaobus.org/News/Speech/Pages/09282010_ModestiTransparency.aspx 

7 See H.R. 3S03 (Nov. 18, 2011) (requiring public PCAOB proceedings except by determination of 
Board) available at http://www.gpo.gov/fdsys/pkg/BILLS-112hr3503ih/pdf/BlLLS- 
112hr3503ih.pdf. 

8 However, Congress generally required the rotation of audit partners in Section 203 of SOXA. 

9 See Letter from Barbara Roper, Director of Investor Protection, Consumer Federal of America, to 
Office of the Secretary, PCAOB (Dec. 14, 2011) available at 
http://pcaobus.org/RuIes/Rulemaking/Docket037/484_CFA.pdf. 

10 See Memorandum from Committee Staff to Members, Committee on Financial Services, U.S. House 
of Representatives (Mar. 23, 2012) (citing discussion draft of bill to prohibit mandating auditor 
rotation) available at http://www.corpgovcenter.org/Carcello/capmrkts.pdf. 

11 See Doty Testimony, supra. 

12 The PCAOB requested public comment on auditor terms limits in August 2011, the comment 
period for which has not yet closed. See Concept Release on Auditor Independence and Audit Firm 
Rotation, PCAOB Release No. 2011-006 (Aug. 16, 2011) available at 

http://pcaobus.org/Rules/Rulemaking/Docket037/Release_2011-006.pdf. In March and June of this 
year, the PCAOB held roundtables on terms limits. See PCAOB Public Meeting on Firm Independence 
and Rotation, Washington, D.C. (Mar. 11 - 12, 2012) transcript available at 
http://pcaobus.org/Rules/Rulemaking/Docket037/2012-03-21_Transcript-Notice.pdfand (June 28, 
2012) transcript available at http://pcaobus.org/Rules/Rulemaking/Docket037/2012-6- 
28_Transcript-Notice.pdf. 


5 



66 


• Auditor Certificatio ns: SOXA Sections 302 and 906 require CEOs and CFOs to 
certify that the company's filings are not misleading and that any weaknesses 
in the company’s internal controls have been disclosed to the company's 
auditors, and impose significant criminal penalties for knowing violations. 
Congress should consider requiring similar certifications for audit 
engagement partners 13 or that partners be required to sign audit reports (the 
latter has been proposed by the PCAOB). 14 

• Audito r Financials : Auditors are not themselves required to disclose audited 
financial statements. Congress should consider requiring the largest auditing 
firms provide and disclose audited financial reports in order to permit a fair 
evaluation of their financial condition, as has been recommended by a former 
member of Boeing’s audit committee 15 and major institutional investors, 16 
among others. 

• Foreign Auditors : Section 106 of SOXA grants authority to PCAOB to register 
and inspect auditors, including foreign auditors, that play a substantial role 
in the preparation or furnishing of an audit report for a public company. 17 
However, certain jurisdictions have prevented the PCAOB from conducting 
such inspections, 18 citing, among other things, conflicts with internal law. 


13 See Submission of Paul Haaga, Jr., Vice Chairman, Capital Research and Management Company, to 
the Advisory Committee on the Auditing Profession {Feb. 4, 2007) ("Haaga Submission ”) available at 
http://www.treasury.gov/about/organizational-structure/offices/Documents/Haaga020408.pdf. 

l *See Improving the Transparency of Audits, PCAOB 2001-007 (Oct. 11, 2011) (proposing to require 
disclosure of name of engagement partner in audit reports) available at 

http://pcaobus.org/Rules/Rulemaking/Docket029/PCAOB_Release_2011-007.pdf; Concept Release 
on Requiring the Engagement Partner to Sign the Audit Report, PCAOB 2009-005 (July 28, 2009) 
available at http://pcaobus.org/Rules/Rulemaking/Docket029/2009-07-28_Release_No_2009- 
005.pdf. 

15 See John Biggs, Statement to the Advisory Committee on the Auditing Profession to the U.S. 
Department of Treasury ([une 3, 2008 (revised June 5, 2008)) ("With our greatly increased 
responsibilities and consequent risks as audit committee members, we rely heavily on the quality 
and strength of the audit firm we select to probe into all aspects of the company financial reporting. 
We need to know more about the firms we select and the risks of doing business with them.”) 
available at http://www.treasury .gov/about/organ izational- 
structure/offices/Documents/Biggs060308.pdf. 

16 See, e.g., Haaga Submission, supra, and other submissions cited at: Advisory Committee on the 
Auditing Profession, Department of the Treasury at n.93 (Oct 6, 2008) available at 
http://www.treasury.gov/about/organizational-structure/offices/Documents/fmal-reportpdfnote 
93. 

17 See PCAOB Rule 2100. 

18 See Updated information on PCAOB International Inspections, PCAOB (Dec. 11, 2011) available at 
http://pcaobus.org/International/lnspections/Documents/12312011_international_inspections_inf 
ormation.pdf; Issuer Audit Clients of Non-U.S. Registered Firms in Jurisdictions where the PCAOB is 


6 



67 


Issuers that use foreign auditors thereby enjoy a “documented cross-listing 
premium for bonding themselves to U.S.” standards 19 without having to 
comply with those standards. The PCAOB has made significant progress in 
this area, and Congress should continue to support its efforts in this area. 

Finally, much of the foregoing relates the responsibilities of the PCAOB, but 
without noting the importance of the PCAOB itself. The creation of the PCAOB is the 
centerpiece of SOXA and has been the Act’s greatest contribution to the U.S. 
securities markets. The PCAOB has directly addressed the insidious lack of 
independence in the self-regulation of accounting under which no major accounting 
firm had ever been issued an adverse or qualified report. 20 In its brief history, the 
PCAOB has identified hundreds of accounting deficiencies in accounting firms in 
almost 2,000 inspections of firms’ quality controls. It has appropriately exercised its 
authority to resolve issues with these firms and, when necessary, to conduct 
investigations and commence enforcement proceedings. 21 The PCAOB has made 
significant improvements in the standard-setting process while working assiduously 
to consider the interests of all affected parties, including especially small businesses. 
I strongly encourage Congress to continue to support the work of the PCAOB’s and 
afford appropriate deference to its independent, expert judgment. 


Denied Access to Conduct Inspections, PCAOB, available at 

http://pcaobus.org/International/Inspections/Pages/issuerClientsWithoutAccess.aspx. See 

generally James Doty, The Relevance, Role, and Reliability of Audits in the Global Economy, 90 Texas L. 
Rev. 1891, 1907 - 10 (2012} available at 

http://www.texaslrev.com/sites/default/files/issues/vol90/pdf/Doty.pdf. 

19 Doty, supra at 1908. 

20 See id. at 1891. 

21 See id. at 1897 (record of 26 revocations of firms' registrations and 53 sanctions against 
individuals}. 


7 



68 


II. Section 404 

The most heated criticism of SOXA has been reserved for its provisions on 
financial reporting internal controls. 22 Section 404(a) of SOXA requires that 
management assess and report on the effectiveness of internal control over financial 
reporting. Section 404(b) requires that a company's auditor attest to the 
effectiveness of the internal controls assessment under Section 404(a). Most of the 
criticism of these provisions has focused on the cost of compliance, particularly for 
smaller companies that have a smaller revenue base over which to spread fixed 
costs (/.a, costs that do not decline with the size of the company being audited). 

However, the actual text of Section 404 undercuts the logic of such criticism. 
The text requires nothing more than that management assume individual 
responsibility for financial reporting internal controls - a responsibility that a bona 
fide fiduciary duty under state corporate law presumably would already impose - 
and that the company's "registered public accounting firm" - which already would 
have responsibility for auditing the company’s financial reports - attest to the 
effectiveness of internal controls. These general requirements are fundamental to 
effective accounting regulation. Section 404 leaves the details of implementation, 
that is, the elements that would actually determine the costs of compliance, to the 
Commission and the Board. 23 

Since the enactment of Section 404, regulators have demonstrated their 
sensitivity to cost issues. The Commission and the Board have considered and acted 
to reduce the costs of compliance borne by small companies, then measured the 
effect of their efforts, then again acted to reduce compliance costs, then again 
measured the effect of their efforts in what has been a fairly continuous re- 

22 See John Coffee, The Political Economy of Dodd-Frank: Why Financial Reform Tends to be Frustrated 
and Systemic Risk Perpetuated, Columbia Law School Working Paper No. 414, at 25 (Jan. 9, 2012). 

23 See, e.g., SOXA Section 404(b) (authorizing PCAOB to establish standards for attestation under 
Section 404(b)). 


8 



69 


evaluation. 24 The PCAOB revised its initial auditor attestation standard after only 
two financial reporting cycles had been completed, specifically with the purpose of 
reducing costs for smaller companies. During this period, the costs of Section 404 
compliance have steadily declined. 25 


24 In the course of adopting a auditor attestation standard, the PCAOB conducted a roundtable to 
solicit input from interested parties, see PCAOB Roundtable on Reporting on Internal Control, 
Washington, DC (July 29, 2003] webcast available at 

http://pcaobus.org/News/Webcasts/Pages/07292003_Roundtable.aspx; developed and issued a 
proposed standard, see Proposed Auditing Standard, PCAOB Rel. No. 2003-0X7 (Oct 7, 2003) 
available at http://pcaobus.org/Rules/Rulemaking/Docket008/2003-10-17_Release_2003-017.pdf; 
revised the standard based on public input including 189 comment letters (“virtually all" expressed 
support for the PCAOB’s approach, although some issuers raised cost concerns), see Auditing 
Standard No. 2, PCAOB Rel. No. 2004-03, Appendix E (Mar. 9, 2004) available at 
http://pcaobus.org/Rules/Rulemaking/Docket008/Form_19b-4_Auditing_Standard_2.pdf; 
submitted its proposed standard to the Commission, see Notice of Filing of Proposed Rule on Auditing 
Standard No. 2, File No. PCAOB-2004-03 (Apr. 4, 2004) available at http://sec.gov/rules/pcaob/34- 
49544.htm, considered comments on that draft proposal, see comment letters at 
http://sec.gov/rules/pcaob/pcaob200403.shtml; filed a final rule for approval with the Commission, 
see Order Approving Proposed Auditing Standard No. 2, File No. PCAOB 2004-03 (June 17, 2004) 
(finding PCAOB carefully considered cost issues) available at http://sec.gov/rules/pcaob/34- 
49884.htm; held another roundtable on Section 404 compliance (with the Commission), see 2006 
Roundtable Discussion on Implementation of Internal Control Reporting Provisions (May 10, 2006) 
transcript and briefing document available, respectively, at 
http://www.sec.gov/spotlight/soxcomp/soxcomp-transcripttxt & 

http://www.sec.gov/spotlight/soxcomp/soxcomp-briefing0506.htm; responded to complaints 
regarding cost of compliance by proposing a revised, more scalable standard, see Proposed Auditing 
Standard, PCAOB Rel. No. 2006-007 (Dec. 19, 2006) available at 

http://pcaobus.org/Rules/Rulemaking/Docket%20021/2006-12-19_Release_No._2006-007.pdf, 
which was approved by the Commission in 2007. See Order Approving Proposing Auditing Standard 
No. 5, Sec. Act Rel. No. 56152 (July 27, 2007) available at http://sec.gov/rules/pcaob/2007/34- 
56152.pdf. The PCAOB has established an Office of Outreach and Small Business Liaison and hosted 
numerous meeting with small business interests, including a forum series on audit reform. See, e.g„ 
Forum on Auditing in the Small Business Environment (May 2, June 7 & 19, July 18, Sep. 13, and Nov. 7 
& 29, 2012). 

25 See Study and Recommendations on Section 404(b) of the Sarbanes-Oxley Act of 2002 for Issuers with 
Public Float Between $75 and $ 250 Million, Office of Chief Accountant, Securities and Exchange 
Commission at 7 (2011) ( 2011 SEC Study and Recommendations ) (academic and other research on 
Section 404: Indicates that the cost of compliance with Section 404(b), including both total costs and 
audit fees, has declined since the 2007 reforms”; "costs of Section 404(b) have declined since the 
Commission first implemented the requirements of Section 404, particularly in response to the 2007 
reforms") available at http://www.sec.gov/news/studies/2011/404bfloat-study.pdf; Study of the 
Sarbanes-Oxley Act of 2002 Section 404 Internal Control over Financial Reporting Requirements, Office 
of Economic Analysis, Securities and Exchange Commission at 2 (2009) ("2009 SEC Study") 

("evidence also indicates that there is an economically and statistically significant reduction in 
Section 404 compliance costs following the 2007 reforms.”) available at 
http://www.sec.gov/news/studies/2009/sox-404_study.pdf. 


9 



70 


In this respect. Section 404 has worked exactly as effective regulation should. 
Congress established a flexible, broad standard for ensuring the accuracy of 
financial reporting. Regulators have implemented that standard applying a generally 
balanced view of the costs of compliance and the benefits of reliable financial 
information and they continue to adjust their implementation of the Act to reflect 
new information and changing circumstances. 

However, from Section 404’s inception small firms representing a substantial 
percentage of public companies have been exempted from Section 404. Rather than 
allowing the rulemaking process to resolve inevitable missteps in the 
implementation of Section 404, business interests have demanded and been granted 
wholesale exemptions from Section 404 for entire categories of small companies. 
This was accomplished through a series of administrative exemptions, 26 followed by 
Dodd-Frank Act’s Section 989G permanent exemption for all non-accelerated filers 
from Section 404(b), which represent approximately 60 percent of reporting 
issuers. 27 Section 103 of the Jumpstart Our Business Startups Act ("JOBS Act”) 
exempted all "emerging growth companies,” which includes any company, for up to 
almost six years after its IPO, with less than $1 billion in annual revenues. 

While studies have found a steady decline in the costs of Section 404 
compliance, the blanket-exemption approach followed by regulators and Congress 
has prevented any evaluation of the cost to small companies. 28 It is likely that costs 
would have declined for small companies as well, and information on such costs 
would have provided needed guidance for adjusting the implementation of Section 
404 in the future. But blanket exemptions from Section 404 have prevented the 
maturation of its internal controls requirements into a consistent standard for 

See Securities Act Rel. Nos. 8392 (Feb. 24, 2004), 8545 (Mar. 2, 2005) & 8618 (Sep. 22, 2005). See 
also Exposure Draft, supra (recommending small company exemption from Section 404). 

27 See 201 1 SEC Study and Recommendations, supra at 9. 

28 See 2009 SEC Study, supra at 1 - 2. 


10 



71 


public companies in the U.S. Simply dividing companies between those to which the 
full attestation applies - larger companies that need it less - and those to which no 
attestation applies - smaller companies that need it more - is not an appropriate 
solution to the problem of compliance costs. 29 Rather, regulators should be allowed 
to evaluate compliance costs and adjust internal control requirements on an 
ongoing basis, including narrowing further the scope of the attestation. 30 

The foregoing reflects two broader problems that characterize much of 
current debates about securities regulation. First, the evisceration of Section 404 
has undermined the coherence of the concept of a "public company” in the U.S. 
markets. The public company represents a distinctly U.S. brand, the integrity of 
which has played an instrumental role in the success of U.S. securities markets. 
When "public company" means something different for every company that wears 
that label, that brand loses its value as a coherent set of default rules on which 
investors can rely. 

Second, the evisceration of Section 404 reflects the kind of regulatory 
tinkering that should be left to regulators. The legislative process is not an 
appropriate vehicle for the micromanagement of accounting standards and 
processes. Administrative agencies provide the combination of technical expertise, 
responsiveness, predictability and public accountability that is necessary for 
effective regulation. 


29 See AARP Investor Survey, supra (less than one-fifth of surveyed investors believe that small 
companies should be exempt or that there should be a compliance transition period for companies 
entering U.S. markets]. 

30 Accord Separate Statement of Curt Schacht, Exposure Draft of Final Report of Advisory Committee on 
Smaller Public Companies, Sec. Act Rel. No. 8666, 123-29 (Mar. 3, 2006) (“ Exposure 
£>ra/i'')(recommending small company exemption from Section 404) available at 
http://www.sec.gov/rules/other/33-8666.pdf. 


11 



72 


It should be noted that neither of these two concerns militates for or against 
the requirements of Section 404 as such. Rather, they reflect fundamental principles 
of effective regulation that should guide Congressional action. 

III. Fostering Innovation Act 

The Committee has requested comment on the Fostering Innovation Act 
("FIA"), which relates directly to the foregoing discussion of Section 404. The FIA 
appears to designate as an "accelerated filer” any company that has more than $100 
million in annual revenues or a public float equal to or greater than $250 million but 
less then $700 million. Currently, accelerated filers include companies with a public 
of float as small as $75 million. The effect of the FIA therefore would be to remove 
companies from this category that have $100 million or less in annual revenues or a 
public float of equal to or greater than $75 million but less than $250 million and 
accordingly exempt them from compliance with SOXA Section 404(b). 

In my view, the Fostering Innovation Act would further undermine the 
important standards set forth in Section 404, weaken the reputational value of the 
public company brand in the U.S., and exacerbate the problem of Congressional 
micromanagement of accounting standards. First, as a matter of good public policy 
all public companies should be required their auditor to attest to their internal 
controls. 31 If there are concerns regarding the scope of the required attestation 
(which Section 404(b) does not itself establish, but rather delegates to the PCAOB), 
then it is the scope of the audit that should be reformed. Second, it is the smallest 
companies that are most likely to experience difficulties in this respect. Thus, the 
FIA exempts from Section 404(b) the companies for which the auditor attestation is 


31 See generally Robert Prentice, Sarbanes-Oxley: The Evidence Regarding the impact of SOX 404, 29 
Cardozo L. Rev. 703 (2007); see also AARP Investor Survey, supra (8 in 10 surveyed investors say 
auditing standards should be stronger). 


12 



73 


most beneficial, 32 which directly contradicts the structure of IPO regulation, for 
example, where regulatory requirements are heightened for smaller, less seasoned 
issuers. 33 Third, analysis by academics and regulators has found that the costs of 
Section 404 compliance have steadily declined since its enactment. A recent, 
detailed analysis, the SEC's Office of Chief specifically recommended against 
exempting issuers with up to a $250 million float. 34 

The foregoing points could viewed as policy objections to the FIA. They go to 
the substantive standards that apply to public companies. There are also broader 
reasons that the approach taken by the FIA, rather than the policy position it reflects, 
will weaken the regulation of U.S. securities markets. The following concerns 
address the broader issue of the efficient operation of administrative law, regardless 
of its substantive content. 

First, the implementation of Section 404, including the scope of any 
exemptions, should be left to the determination of the regulators that are directly 
responsible for the administration of that Section's standards and have the 
appropriate technical expertise. Exemptions created by the FIA, as with exemptions 
previously created by the Dodd-Frank Act and the JOBS Act, create regulatory 
unpredictability and inefficiency that increases the costs of regulation for regulators 
and regulated entities alike. 


32 See Mark Beasley, Joseph Carcello, Dana Hermanson and Terry Neal, Financial Fraud Reporting 
1998 - 2007: An Analysis of U.S. Public Companies at 10 (2010) (survey of 347 financial fraud cases 
from 1998 to 2007 finding that companies involved had median revenues of $72.4 million and 
median stockholders' equity of $39.5 million) available at 

http://www.coso.org/documents/COS0FRAUDSTUDY2010_001.pdf.; M.P. Narayanan and J. Nejat 
Seyhum, Effect of Sarbanes-Oxley on the Influencing of Executive Compensation at 10 (March 2006) 
(both pre- and post-SOXA, smaller firms had substantially greater lags in reporting than larger firms) 
available at http://sitemaker.umich.edU/m.p.narayanan/files/060320replag.pdf 

33 See Securities Offering Reform, Securities Act Release No. 8591 (Aug. 3, 2005) (describing tiered 
approach to regulation depending company size and history). 

34 See 2011 SEC Study and Recommendations, supra. 


13 



74 


Second, a statutory requirement for the Commission to amend a Commission 
rule creates significant uncertainty regarding the legal status of the rulemaking. For 
example, Commission rulemaking is subject to a broad array of statutory mandates, 
such as the consideration of the costs and benefits of regulation and other 
regulatory purposes that a rule may serve, that may directly contradict the FIA’s 
rulemaking mandate. 35 The F1A may undermine the ability of the Commission to 
engage in effective rulemaking and broadly conflicts with the efficient operation of 
administrative regulation. 

Finally, the FIA would further atomize the concept of the public company as a 
form of investment that provides the markets with a predictable set of default rules 
regarding for financial reporting. The concept of the "public company" generally 
reflects the view that companies that sell their shares to retail investors (the 
Securities Act trigger) or have a large shareholder base (the Exchange Act trigger) 
should be subject to heightened regulation. The lion’s share of the public company 
regulation entails more rigorous reporting requirements, which reflects Congress’s 
watershed determination in the 1930s that the appropriate primary role of 
securities regulation should be to ensure that investors have the information they 
need to make informed investment decisions, rather than to evaluate the 
substantive merits of investments. However, ad hoc, statutory exemptions from 
reporting requirements, such as the exemptions from Section 404(b) provided by 
the Dodd-Frank Act, JOBS Act and, possibly, the FIA, threaten to render the concept 
of “public company” meaningless. 


35 See generally Letter from Fund Democracy, Consumer Federation of America, Consumer Action, 
AFL-CIO and Americans for Financial Reform, to Elizabeth Murphy, Secretary, SEC (May 24, 2012) 
(noting that amending Regulation D to permit general solicitation and advertising for private 
offerings, as required by the JOBS Act, does not relieve the Commission of its obligation to satisfy 
statutory cost-benefit standards that may militate against the mandated amendment) available at 
http://sec.gov/comments/jobs-title-ii/jobstitleii-14.pdf. 


14 



75 


IV. Whistleblower Provisions 


In the aftermath of the Enron and WorldCom scandals. Congress was 

concerned that such "corporate whistleblowers are left unprotected under current 

law." 36 Whistleblowers such as Enron’s Sherron Watkins and Worldcom's Cynthia 

Cooper played a major role in exposing fraudulent conduct at their companies. 

Senator Patrick Leahy noted that "when sophisticated corporations set up complex 

fraud schemes, corporate insiders are often the only ones who can disclose what 

happened and why.’’ 37 Congress believed that the lack of protection for insiders 

when they attempt to prevent fraud was: 

a significant deficiency because often, in complex fraud prosecutions, 
these insiders are the only firsthand witnesses to the fraud. They are 
the only people who can testify as to 'who knew what, and when,’ 
crucial questions not only in the Enron matter but in all complex 
securities fraud investigations. Although current law protects many 
government employees who act in the public interest by reporting 
wrongdoing, there is no similar protection for employees of publicly 
traded companies who blow the whistle on fraud and protect 
investors. With one in every two Americans investing in public 
companies, this distinction fails to serve the public good. 38 

Congress accordingly enacted Section 806 of Sarbanes-Oxley, which 
generally prohibits discrimination against employees of public companies [i.e., 
companies registered or reporting under the Securities Exchange Act) in retaliation 
for assisting in the investigation of a violation of the federal securities laws. The 
whistleblower provision has been called “the single most effective measure possible 
to prevent recurrences of the Enron debacle and similar threats to the nation's 


36 S.Rep. 107-146 at 10 (May 6, 2002). 

37 Beverley Earle and Gerald Madek, The Mirage Of Whistleblower Protection Under Sarbanes-Oxley: A 
Proposal For Change, 44 Am. Bus. L. J. 1, 4 (Spring 2007) (quoting 148 Cong. Rec, S 6,439-440 (daily 
ed. July 9, 2002) (statement of Sen. Leahy)). 

38 S.Rep. 107-146, supra. 


15 



76 


financial markets." 39 It is, indeed, an important component of Sarbanes-Oxley's 
overall approach to combating corporate fraud. 

Nonetheless, the First Circuit has held that the employee of a nonpublic 
company is not covered by Section 806, even if the company and its employees are 
responsible for securities compliance of a public company that is covered by 
Section 806. w In other words, the whistleblower provision can be circumvented by 
a public company to the extent that it outsources compliance to a nonpublic 
company, such as a nonpublic accounting firm. This holding was particularly 
egregious under the facts of the case because the private company was the 
investment adviser to a mutual fund. As described below, the unique structure of 
mutual funds means that, as a practical matter, the only "employee” to whom the 
whistleblower provision will apply in relation to a mutual fund's compliance with 
the federal securities laws is an employee of the fund's investment adviser. Thus, the 
First Circuit effectively repealed Section 806 for virtually all employees of nonpublic 
companies who blow the whistle on mutual fund misconduct. 41 


39 Richard Moberly, Unfulfilled Expectations: An Empirical Analysis of Why Sarbanes-Oxley 
Whistleblowers Rarefy Win, 49 Wm. & Mary L. Rev. 65, 68 (Oct 2007) (quoting Taxpayers Against 
Fraud). 

40 See Lawson v. FMR LIC, 670 F.3d 61 (l 5t Cir. 2012) (Section 806 does not apply to employees of 
nonpublic companies), pet for cert, filed 81 USLW 3007 ()un 28, 2012). I have no economic interest in 
this case, but in the interest of full disclosure I note that 1 provided compensated expert services to 
the plaintiffs. This testimony is not intended and should not be read to express any opinion regarding 
that particular case or any other case. 

41 See Rosanne Felicello, No SOX Whistleblower Protection for Employees in the Mutual Fund Industry 
According toe First Circuit Decision in Lawson, 3 Sec. Litig. Rpt 9 (March 2012) ("The Lawson decision 
is remarkable for the labor that the Circuit Court undertook to reach a result at odds with both the 
text of the statute and the purpose of the antiretaliatory provisions.. . . the opinion eviscerates any 
protection for employees in the mutual fund industry, even those employees who work directly with 
the fund. This is due to the unique set up of the mutual fund industry. The public mutual funds 
themselves generally do not have any employees (as is the case for the Fidelity funds at issue 

in Lawson), All of the employees who work on the funds are employed by private companies who 
contract with the mutual fund to provide their services. According to the First Circuit's opinion, none 
of the employees of the private fund advisers are protected by the whistleblower protection of SOX."). 


16 



77 


A mutual fund conducts virtually no securities law compliance activities itself, 
for it is generally nothing more than a shell comprised of the fund board of directors. 
Rather, mutual fund compliance responsibilities are assumed almost entirely by the 
fund's investment adviser. Mutual funds are structurally unique because they 
typically farm out all of their service needs to third parties, including compliance. 
The fund's board of directors negotiates contracts with the fund’s service providers 
and oversees the operation of the fund, but the fund typically does not have any 
employees ; 42 its "employees” are employed by a third-party service provider . 43 As a 
practical matter, the investment adviser exercises de facto control over the fund 
throughout the fund’s life 44 


The most prominent scandal in the history of the mutual fund industry 
involved shareholder abuses that were brought to light by precisely the kind of 
whistleblower to which the whistleblower provision is intended to apply . 45 The 


42 Insider Trades During Pension Fund Blackout Periods, Investment Company Act Rel. No. 25795, at 
Part II.B(l)(d) (Nov. 6, 2002}] ("[ijnvestment companies .. . typically do not have employees because 
they are externally managed, with investment advisory and other services provided by affiliated and 
unaffiliated parties pursuant to contracts with the investment company.”); Letter from Dorothy M. 
Donohue, Associate Counsel, Investment Company Institute to Jonathan Katz, Secretary, SEC (Dec. 13, 
2002) (“Unlike operating companies, investment companies typically do not have employees, . . . The 
vast majority of investment companies do not have employees because they are externally managed, 
with investment advisory and other services provided by affiliated and unaffiliated parties pursuant 
to contracts with the investment company."). 

43 “Unlike most corporations, an investment company is typically created and managed by a pre- 
existing external organization known as an investment adviser. . . . the adviser generally supervises 
the daily operation of the fund and often selects affiliated persons to serve on the company’s board of 
directors.’” Investment Company Governance, Investment Company Act Rel. No. 26323 at Part I (Jan. 
15, 2004) (quoting Burks v. Lasker, 441 U.S. 471, 481 (1979) (quoting Galfand v. Chestnutt Corp., 545 
F.2d 807, 808 (2d Cir. 1976])). As stated by Robert Pozen at the time that he was President and CEO 
of Fidelity Management and Research Co., the defendant in the First Circuit case: “Virtually all mutual 
funds are externally managed. They do not have employees of their own. Instead, their operations 
are conducted by affiliated organizations and independent contractors." Robert Pozen, The Mutual 
Fund Business, at 22 (1999). 

44 See Investment Company Act Rel. No. 26323, supra (“a fund adviser is frequently in a position to 
dominate the board because of the adviser’s monopoly over information about the fund and its 
frequent ability to control the board's agenda.”). 

15 See generally, Mercer Bullard, The Mutual Fund as Firm: Fund Arbitrage, Frequent Trading and the 
SEC's Response to the Mutual Fund Scandal, 42 Houston L. Rev. 1271 (2006); see also Todd Wallack, 
Anatomy of a Scandal Anonymous Tip Helped Mutual Fund Regulators Find Where To Dig Up Bodies, 


17 



78 


allegations contained in the complaint that launched the market timing scandal 
were brought to the New York Attorney General’s attention by Noreen Harrington, 
an executive at Canary Capital Partners. 45 In early 2003, Peter Scannell, an 
employee of Putnam, reported to the staff at the Securities and Exchange 
Commission and the Massachusetts Securities Division that, among other things, the 
investment adviser of the Putnam family of mutual funds and affiliates of the adviser 
were permitting trading in fund shares that violated fund disclosure documents. In 
describing his experiences to a U.S. Senate subcommittee, Scannell specifically 
commended Sarbanes-Oxley's whistleblower provision. 47 

As a general matter. Section 806 should be amended to cover employees of 
nonpublic companies to the extent that the relevant misconduct relates to a public 
company’s compliance. This amendment is particularly imperative with respect to 
mutual funds, where an employee of the nonpublic investment adviser is likely to be 
the only employee to which Section 806 will ever apply. The trial court, 48 dissenting 
Appeals Court Judge Ojetta Thompson, 49 Securities and Exchange Commission, 50 and 
Department of Labor 51 (which has adjudicatory authority over whistleblower 
complaints) all disagreed with the two judges who decided the First Circuit case. 

The Department of Labor’s Administrative Review Board has repeatedly held that 

San Francisco Chronicle at B1 (Dec. 23, 2003) ("In March, an unnamed whistleblower told 
Massachusetts securities regulators that Morgan Stanley executives pressured brokers to steer 
clients toward their in-house mutual funds, prompting both Massachusetts Secretary of State William 
Galvin and New York State Attorney General Eliot Spitzer to investigate.”). 

46 See Complaint, New York v. Canary Capital Partners, LLC (N.Y. Sup. CL 2003). 

47 See Testimony of Peter Scannell before the Subcommittee on Financial Management, the Budget, 
and International Security, U.S. Senate Committee on Government at 17 (jan. 27, 2004). 

48 See Lawson v. FMR, LLC, 724 F.Supp.2d 141 (D. Mass. 2010), rav'd in part by Lawson, supra, 

49 See Lawson, supra at 83 (Judge Thompson dissenting). 

50 Brief for the Securities and Exchange Commission as Amicus Curiae in Support of Plaintiffs- 
Appellees/Cross-Appellants Supporting Affirmance, 2011 WL 1977769 (Apr. 8, 2011). 

51 Brief for the Secretary of Labor as Amicus Curiae in Support ofPlaintiffs-Appellees/Cross-Appellants 
Supporting Affirmance, 2011 WL 1977768 (Apr. 8, 2011) 


18 



79 


Section 806 applies to employees of agents of public companies, even if the agent is 
not itself a public company. 52 Nonetheless, the interests of ensuring securities law 
compliance as reflected in Section 806 will be frustrated unless Congress takes up 
the First Circuit’s invitation "amend the statute." 53 

V. Option Grant Reporting 

One of the most effective provisions of SOXA has been its requirement that 
insider transactions in issuers' securities, including executive option grants, be 
reported within two business days of the transaction. Prior to SOXA, stock options 
grant could be disclosed up to one year after the grant. 54 In contrast. Section 403 of 
SOXA requires that stock options grants be reported within two business days. This 
provision has been effective in reducing the practice of fraudulent backdating of 
stock options, a pervasive practice that was exposed in 2005, when research 
showed that options backdating was pervasive among public companies. 55 Options 
that are reported within SOXA's two-day requirement cannot be materially 
manipulated through backdating. 56 Some have therefore concluded that SOXA 


52 See Spinner v. David Landau and Assoc., LLC, 2012 WL 2073374 at *3 (U.S. Dept, of Labor May 31, 
2012) (employee of private accounting firm providing SOX compliance services to public companies 
are covered by Section 806; citing supporting decisions). 

53 See Lawson, supra at 83. Senator Fitzgerald previously proposed such an amendment in Section 
116(b) of the Mutual Fund Reform Act of 2004, which clarified that Section 806 applied to employees 
of an "investment adviser, principal underwriter, or significant service provider" of a mutual fund, 
regardless of whether the entity was a public company. Section 922(b) of the Dodd-Frank Act 
amended Section 806 to clarify that it covered employees of nationally recognized statistical ratings 
organizations (whether or not they are public companies). 

54 See Securities Act Rule 16a-3; see generally Jesse Fried, Option Backdating and Its Implications, 65 
Wash. & Lee L. Rev. 853, 882 (2008) available at 

http:/ /www!aw,harvard.edu/faculty/jfried/option_backdating_and_itsjmpiications.pdf . 

55 See Erik Lie, On the Timing of CEO Stock Option Awards, 51 Management Science 802 (2005) 
available at http://www.biz.uiowa.edu/faculty/elie/Grants-MS.pdf. 

56 See Narayanan and Seyhum, supra. 


19 



80 


effectively eliminated the practice of options backdating . 57 Consistent with this view, 
research shows that patterns suggesting improper backdating did not appear when 
post-SOXA options were disclosed within one day of the grant date . 58 

However, the same research showed that the disclosure of a large percentage 
of options has not complied with SOXA; "roughly one-fifth [of executives] violate the 
two-day reporting requirements .” 59 There is substantial evidence that thousands of 
companies have continued to backdate options while violating the SOXA’s two-day 
reporting requirement , 60 which raises the question of whether the requirement is 
being adequately enforced. 


On the whole, the SEC’s options backdating enforcement effort has been 
extensive. The Commission has brought dozens of enforcement actions related to 
options backdating 61 including, for example, a case in which it obtained a permanent 
bar from serving as a director or officer of a public company against a company's 
former general counsel and chief accountant for, among other things, options 
backdating and violations of the post-SOXA, two-day reporting requirement . 62 


57 See generally Hearing before the Committee on Banking, Housing and Urban Affairs, U.S. Senate 
(Sep. 6, 2006) (testimony of Christopher Cox, Chairman, Securities and Exchange Commission) (SOXA 
"slammed the door" on options backdating) available at 

http://www.sec.gov/news/testimony/2006/ts090606cc.htm; see also John Zarian, Backdating 
Requires Caution , Forethought, Idaho Bus. Rev. (OcL 9, 2006) ("The practice of backdating options 
virtually disappeared in 2002 when the Sarbanes-Oxley Act tightened reporting requirements.”) 
avai/aWe at http://www.stoel.com/fiies/BackdatingJBR2006.pdf. 

58 See Randall Herron and Erik Lie, Does Backdating Explain the Stock Price Pattern Around Executive 
Stock Option Grants, 83 ). Fin. Econ. 271 (2007) available at 

http://www.uic.edu/ciasses/actg/actg593/Readings/Stock-Options/Does-Backdating-Explain-The- 
Stock-Price-Pattern-Around-Executive-Stock-Option-Grants-Heron, -RA.-E-Lie.pdf. 

59 Herron and Lie, supra at 274; see Narayanan and Seyhum, supra at 4 (finding continued evidence 
of backdating and late reporting of 24% of option grants). 

60 See Fried, supra at 883 - 84. 

61 See cases listed on the SEC's Spotlight on Stock Options Backdating webpage at 
http://www.sec.gov/spotlight/optionsbackdating.htm. 

62 SEC Charges Take-Two's Former General Counsel and Former Controller/Chief Accounting Officer 
with Stock Option Backdating, Litig. Rel. 2 1 1 63 (Aug. 3, 2009) available at 


20 



81 


In addition, reporting compliance may have improved, thereby arguably 
lessening the need for increased enforcement. None of the data cited above covers 
reporting during the last 5 years, and 1 have not found any research that measures 
more recent options reporting compliance levels. Indeed, some research suggests 
that SOXA options reporting compliance improved from 2002 to 2004, 63 and such 
improvement may have continued. 

However, it appears that inadequate enforcement may be permitting a 
significant degree of backdating to continue. 64 The number of enforcement actions 
involving post-SOXA reporting violations is not consistent with research evidencing 
thousands of violations during SOXA’s early years. And it is not clear why 
enforcement of the two-day reporting requirement would not be a fairly simple 
matter. Form 4 is an electronic report that presumably could be searched to 
generate an automatic red flag when the filing date falls more than 2 days after the 
grant date. The possibility of creating such an automatic flagging system should be 
considered (although such a system may already be in place). In addition, it may be 
appropriate, given the evidence of continued, widespread backdating, to impose 
automatic penalties for late reporting of options. Penalties could be structured to 
ensure that they are sufficiently severe that they would not be treated simply as a 
cost of doing business, such as through higher penalties for repeat offenders. 


http://www.sec.gov/litigation/litreleases/2009/lr21163.htm; SEC v. Selterman and Tay, Civ. Act. No. 
09-CV-6813 (S.D.N.Y. July 31, 2009) available at 
http://www.sec.gov/litigation/complaints/2009/comp21163.pdf. 

63 See Nurayanan and Seyhum, supra at 9 (average post-SOXA reporting lag decline from 17.65 to 
8.62 days). 

64 See Nurayanan and Seyhum, supra at 24 ("In order to further restrict [backdating and camouflaged 
timing], SEC needs to enforce the SOX reporting requirements, and, if possible, limit the use of 
unscheduled option grants to legitimate purposes."). 


21 



82 


Statement of Professor John C. Coffee, Jr. 

Adolf A. Berle Professor of Law 
Columbia University Law School 

at 

Hearings Before the Subcommittee on Capital Markets and 
Government Sponsored Entities 

of the 

Committee on Financial Services 
of the 

United States House of Representatives 


“The 10 lh Anniversary of the Sarbanes-Oxley Act” 


July 26, 2012 

Room 2128 of the Rayburn House Office Building 
Washington, D.C. 



83 


Chairman Garrett, Ranking Member Waters, and Fellow Members of the Committee: 

I. Introduction 

I thank you for inviting me. Since the enactment of Sarbanes-Oxley a decade ago, two 
theories have been regularly at war in legislative debates over financial regulation. 

Theory One, which certainly underlies the recently enacted JOBS Act, is that our capital 
markets are buried under an avalanche of overregulation. Theory Two is that our capital 
markets are suffering from the loss of investor confidence. It is, of course, possible that 
both theories could be correct to some degree and to different degrees at different times. 
Nonetheless, I believe that the contemporary evidence far better supports the following 
generalization: The greatest obstacle to competitive capital markets and job creation 
today in the U.S. is not overreaulation, but the loss of investor confidence . 

This loss of investor confidence dates back to the burst of the Internet Bubble in 
2000 to 2001. In its wake, investors learned that securities analysts in the U.S. were 
deeply conflicted. Over the next two years, Enron, World Com and a record number of 
accounting restatements furthered their disenchantment, and cast doubt over the integrity 
of audited financial statements. Since then, the IPO market has never returned to its pre- 
2000 levels of euphoria and volume. 1 The Enron and World Com scandals led, of course, 
to the passage of SOX a decade ago. Since SOX, it has been possible (and sometimes 
fashionable) to argue that the reduced number of IPOs is attributable to the regulatory 
burdens imposed by SOX, but it is even easier (and intellectually simpler) to see the 


1 The IPO market has always been volatile and changes in its volume may partly reflect new 
waves in technology (such as the Internet revolution that surged in the late 1990s and produced 
many successful IPOs). This factor could alone explain the reduced number of IPOs. A variety 
of factors also explain the decline in smaller IPOs of less than $ 1 00 million, including the 
demands of institutional investors for liquidity (which smaller IPOs inherently lack). 


- 1 - 




84 


reduced level of IPOs as attributable to investor memories that still have not forgotten 
Henry Blodget, Jack Grubman and Pets.com. 

Past bubbles are only one factor in the low level of investor confidence today. 
Currently, there are much more compelling reasons for increased investor skepticism. To 
understand this, one only has to survey the recent headlines: 

1 . The Futures and Commodities Market. The MF Global and Peregrine 
Financial scandals effectively told clients of futures and commodities 
brokers that they cannot be certain where their funds are and whether they 
have been misappropriated. The Peregrine scandal may have continued 
for 20 years (and thus rivals Bernard Madoff s Ponzi scheme for the 
length of time that it went undetected). Internal compliance and audit 
procedures and the segregation of customer funds to have been either 
lacking or woefully implemented. Other similar scandals could still be 
buried. 

2. The Libor Scandal . The American public now understands that at least 
some within the largest banks in the U.S. and abroad were eager to collude 
to fix a critical benchmark rate. Equally important, there is some evidence 
that regulators (both in the U.S. and the U.K.) were equivocal about 
stopping this practice. This suggests underregulation, not overregulation. 

3. The London Whale . JPMorgan’s problems with its Chief Investment 
Office strike me as more a blunder than a crime, but there is certainly 
evidence of weak compliance efforts (and there may also be evidence that 
some traders successfully hid their losses for a time). Worse, the Federal 


- 2 - 



85 


Reserve Bank ofNew York had 40 bank examiners on the ground at 
JPMorgan, but none at its critical Chief Investment Office in London. 

Like Inspector Clouseau pursuing the Pink Panther, they could not 
distinguish JPMorgan’s headquarters from its hindquarters. 

4. Chinese Reverse Mergers . It is estimated that approximately 80 Chinese 
issuers bought listings on U.S. exchanges between 2008 and 201 1 — 
without conducting an initial public offering under U.S. law. 2 Many of 
these companies lacked any significant assets or revenues (Sino-Forest 
was actually listed in Canada, but it has become the symbol of this 
dubious class of issuers that have streamed into U.S. markets). Investors 
bought them on overly optimistic hopes for the Chinese economy. 
Interestingly, Chinese regulators are derisive about the U.S. acceptance of 
these companies, pointing out that the same companies could not have 
listed on the major Chinese exchanges. This year, the “Chinese Bubble” 
has deflated, and the 82 companies listed on the Bloomberg Chinese 
Reverse Merger Index have declined by some 52% between January 2011, 
and July 16, 201 2. 3 Investors eventually learn — but the lessons are often 
bitter. 

5. Facebook and the U.S. IPO Market . Although IPO markets are always 
volatile, American investors have lost considerable confidence this year in 
the domestic IPO market. This is evidenced not only by the much 
discussed fiasco surrounding the Facebook offering, but by the fact that 

2 See “Chinese Stocks Fleeing U.S.,” Market Montage, July 21, 2012. 

3 Id. 


- 3 - 



86 


the IPO pipeline has dried up over recent months and that the stock prices 
of the other companies in the “social media” industry that recently went 
public — i.e., Zynga, Groupon, Ren-Ren, and Zipcar 4 — are now trading 
well below their initial offering prices. Retail investors are angry that 
reduced analyst forecasts were selectively disclosed to institutional 
investors but not to them. Again, a bubble has deflated. 

6. The JOBS Act . The perception that overregulation is responsible for the 
decline in IPO volume has strong adherents and was obviously the motor 
force for the JOBS Act that passed earlier this year. Although I believe 
that some provisions of the JOBS Act were reasonable in updating or 
streamlining existing exemptions, 1 regard other aspects of the JOBS Act 
as a major retreat from our longstanding commitment to principles of 
transparency and full disclosure. 

What has been the impact of the JOBS Act? Of course, it is too early for any 
serious assessment. But already there is anecdotal evidence that it is attracting to the U.S. 
offerings that other markets would not list. The leading example is the approaching IPO 
of Manchester United, the British soccer team. Other jurisdictions would not permit 
Manchester United to list “dual class” shares that effectively disenfranchised public 
shareholders (the shares held by the public in Manchester United will have only one tenth 
the voting rights per share of the shares held by the control group). The U.S.’s 
willingness to list shares that do not carry full voting rights plus the exemptions available 

4 For a recent review of the price discounts on these offerings from the time of their IPOs, see 
Larry Doyle, “Social Media: You Know You’re in a Bubble When . . Benzinga.com June 19, 
2012. 


- 4 - 



87 


to “emerging market companies” under the JOBS Act appears to have won the U.S. this 
offering. Nonetheless, it may have been a Pyrrhic victory, and other nations are mocking 
the U.S.’s success. A recent story in the New Zealand Herald notes that, under the JOBS 
Act, Manchester United is classified as an “emerging growth company,” even though it is 
134 years old and has been steadily operating at a loss.'"’ A leading Singapore paper has 
praised the Singapore Exchange (“SEX”) for not lowering its standards to those of the 
U.S. 5 6 

Should the U.S. be proud of its achievement? The Manchester United offering 
will not create jobs in the U.S. (as the issuer is a British sports team), but it does suggest 
that the U.S. is actively competing in a race for the bottom. Perhaps, in the future, some 
of the Chinese reverse merger stocks that snuck into the U.S. through the back door will 
instead enter through the front door, now that the JOBS Act has reduced the level of 
transparency that an IPO issuer must endure. In my view, the U.S.’s success in winning 
such listings is a dubious honor that will again bring few, if any, jobs to the U.S., but will 
probably import more than a few frauds. Over the long run, investor confidence will 
again suffer. 

11. H.R. 6161 : “The ‘Mature Mediocrities’ Act of2012”. 


5 See Brian Gaynor, “Why Man U’s rules Are Turning It Into a Loser,” New Zealand Herald, July 
14,2012. 

6 See Goh Eng Yeow, “Hold IPO Hopefuls to High Standards; Goal of SEX to Attract Brand 
Names, But They Should Be Actively Traded,” The Strait Times, July 9, 2012. 


- 5 - 



88 


All this brings me to H.R. 6161 (the “Fostering Innovation Act”). It is another 
proposed step in the headlong retreat from transparency. Equally important, it would be a 
step that would be taken in the face of a detailed SEC recommendation to the contrary. 7 

Essentially, H.R. 6161 changes the definition of “accelerated filer” in SEC Rule 
12b-2 so that companies that are neither “emerging” nor “growth” companies can also 
escape Section 404(b) of the Sarbanes-Oxley Act (which requires an annual audit of 
internal controls). Specifically, I have three basic criticisms of H.R. 6161 : 

First, it goes further than the “emerging growth company” concept of the JOBS 
Act, because the JOBS Act confers typically only a five year compliance postponement 
after the date of an issuer's IPO. The JOBS Act’s provision can thus be justified as a 
transitional provision for young companies. In contrast, H.R. 6161 would extend 
permanent immunity from SOX’s Section 404(b) to firms that stayed below $250 million 
in their “public float” (i.e., their value of stock held by public investors who are not 
affiliates). Whatever the case for sheltering “emerging growth companies” for a limited 
period, it is far stronger than the case for immunizing “Mature Mediocrities” forever, as 
H.R. 6161 would do. 

Second, H.R. 6161 goes well beyond what was contemplated by Section 989G of 
the Dodd-Frank Act because it redefines the tenn “accelerated filer” (in SEC Rule 12b- 
2 8 ) to require that an accelerated filer must have revenues in excess of $100,000,000 
during its most recent fiscal year. The Dodd-Frank Act’s Section 989G had contemplated 
only the possibility of eliminating companies with a modest public float (in the $75 

7 See Office of the Chief Accountant, U.S. Securities and Exchange Commission, Study and 
Recommendations on Section 404(b) of the Sarbanes-Oxley Act of 2002 for Issuers With a Public 
Float Between $75 and $250 Million, (April, 2011). 

8 See 17 C.F.R. 240.1 2b-2. 


- 6 - 



89 


million to 250 million range). Under this revised definition in H.R. 6161 , a company 
could have revenues of $90 million and yet have a public float of $600 million (because it 
had a relatively high price/eamings ratio), and it would not be deemed an “accelerated 
filer.” 9 Such high p/e companies are probably those most needing oversight over the 
adequacy of their audit controls. In any event, this is a more open-ended exemption than 
it first appears. 

Third, unlike the “emerging growth companies" exemption, H.R. 6161 confers 
immunity on mature companies that may have a dubious regulatory history. For 
example, suppose a company with a public float of $200 million had recently experienced 
a major accounting restatement within the past two years. This sounds like exactly the 
type of company that needs the oversight of Section 404(b). But it would be exempted 
because it did not qualify as an “accelerated filer” under H.R. 6161’s definition, even if it 
had experienced multiple restatements and several SEC enforcement actions. My point is 
that certain “bad boys” should not qualify for this extended exemption. 

Finally, there is a likelihood that H.R. 6161’s $100 million revenues and $250 
million public float tests will be gamed by some issuers. An issuer could defer earnings 
to the next year to avoid surpassing $100 million in revenues or, even more likely, it (or 
an affiliate) could buy back stock to stay under the $250 million public float test. The 
SEC’s study reports evidence that issuers do “attempt to avoid Section 404 costs by 
reducing or managing their public float in order to become or remain a non-accelerated 


9 To illustrate, suppose a company had $90 million in revenues and $20 million in net earnings 
and the market capitalized its earnings at a 30:1 price to earnings ratio. Its market capitalization 
would thus be $600 million, but it would still be exempt because it had less than $100 million in 
revenues. 


- 7 - 



90 


filer.” 10 The possibility of such manipulation is probably greater under H.R. 6161for 
issuers that are at or near the $250 million float level than for those at or near the $75 
million level." 

111. The Impact of Section 404(b) 

Beyond these narrow drafting comments about H.R. 6161, the broader question of 
the impact of Section 404(b) deserves a brief comment. Section 404(b) did not on its 
face require an audit, but it was interpreted to require a full-scale audit before an auditor 
could attest under Section 404(b) of SOX. In retrospect, that decision could be 
reasonably debated. In any event, I would have to agree that, as first formulated. Section 
404(b) was unduly costly to smaller companies. But that is now ancient history. As the 
SEC points out in its lengthy study. Section 404(b) was substantially softened and 
downsized in 2007, and then Dodd-Frank Act’s Section 989G exempted all “non- 
accelerated filers” from its reach. The costs of Section 404(b) compliance have also 
come down since the 2007 reforms. 

Unfortunately, these changes have not ended its death-by-a-thousand-cuts. and the 
new attempt in H.R. 6161 would exempt roughly another 1,000 companies (according to 
the SEC’s estimate) with a public float between $75 million and $250 million (plus the 
unknown number of companies with revenues under $100 million and a public float of 
over $250 million). That would represent another major retreat from the principle of 
transparency that long governed our market. 


10 See Office of the Chief Accountant, supra note 7, at 95-96. 

11 This is because, by adding the $100 million revenues test, H.R. 6161 creates an entirely new 
test that can be gamed. Also, larger issues generally have greater financial resources and hence 
more ability to buy back or redeem shares. 


- 8 - 



91 


Equally important, the SEC’s study finds strong evidence that Section 404(b) 
provides meaningful protections to investors. Specifically, the SEC’s study reports that: 

1 . “Section 404(a) and (b) compliant issuers are less likely to issue 
materially misstated financial statements than issuers not subject to 
these requirements.” 12 

2. “The rate of restatements . . . was 46% higher among issuers that 
only filed Section 404(a) reports as compared to those that filed 
auditor attestations under Section 404(b) during the cumulative 
four years of compliance with Section 404.” 13 

On the other side of the ledger, it had been argued that the passage of Sarbanes-Oxley has 
led to a significant increase in firms going private or “going dark” (i.e., deregistering 
under the Securities Exchange Act). But here more recent research suggests that Section 
404(b) had little or no effect on decisions to go private or go dark. 14 Indeed, debt 
investors appear to have sometimes demanded that even when firms went private they 
still had to remain 1934 Act “reporting companies." 1 ” 

This evidence thus suggests that there are benefits to Section 404. To be sure, 
there are also costs, but smaller companies were spared these costs if they qualified as 
non-accelerated filers by Section 989G of the Dodd-Frank Act. Now, the issue is 
whether medium-sized and even larger companies should be able to escape Section 404. 

12 Office of the Chief Accountant, supra note 7, at 86. 

13 Id 

14 See C. Leuz, Was the Sarbanes-Oxlev Act of 2002 Really This Costly? A Discussion of 
Evidence from Event Returns and Going Private Decisions . 44 J. Acct. & Econ. 146 (2007); R. 
Bartlett, Going Private But Staving Public: Reexamining the Effect of Sarbanes-Oxlev on Finns’ 
Going Private Decisions . 76 U. Ch. L. Rev. 7 (2009). 

15 See Bartlett, supra note 14. 


- 9 - 




92 


in the wake of the JOBS Act, there is considerable reason to slow the race 
towards deregulation. We may yet find that in some areas we have gone too far. Nor do 
we jeopardize our market by moving cautiously. Foreign issuers already have 
substantially enhanced reasons to consider a U.S. listing (as they can qualify as 
“emerging growth companies”). The likely beneficiaries of H.R. 6161 will be “Mature 
Mediocrities,” and the case for broadly exempting them in the fashion that H.R. 6161 
does has just not been made. 


- 10 - 



93 



CENTER FOR AUDIT QUALITY 



Serving Investors, Public Company Auditors & the Markets 


WRITTEN TESTIMONY OF 
MICHAEL J. GALLAGHER 

PROFESSIONAL PRACTICE EXECUTIVE COMMITTEE CHAIRMAN 
CENTER FOR AUDIT QUALITY 

BEFORE THE 

CAPITAL MARKETS AND GOVERNMENT SPONSORED ENTERPRISES 
SUBCOMMITTEE 

HOUSE FINANCIAL SERVICES COMMITTEE 
U.S. HOUSE OF REPRESENTATIVES 

HEARING TO EXAMINE THE BURDENS AND BENEFITS OF THE SARBANES- 

OXLEY ACT 

JULY 26, 2012 


1 



94 


Introduction 

Mr. Chairman and Members of the Subcommittee, my name is Michael Gallagher 
and I am pleased to testify today on behalf of the U.S. auditing profession regarding 
the Sarbanes-Oxley Act of 2002 (the Act). I have more than 26 years of experience in 
public accounting, and am currently Chairman of the Professional Practice Executive 
Committee (PPEC) of the Center for Audit Quality (CAQ). I am also the Managing 
Partner of PricewaterhouseCoopers LLP's audit quality functions. 

I am here today on behalf of the CAQ and PPEC. The CAQ was formed in 2007 to 
serve investors, public accounting firms that audit public companies, and the capital 
markets by enhancing the role and performance of public company auditors. It is a 
membership organization with nearly 600 public company audit firms as members. 
The firms are registered with the Public Company Accounting Oversight Board 
(PCAOB). The member firms are committed to fulfilling the public interest role that 
auditors play in our capital markets. 

The PPEC supports the CAQ's objectives by providing a forum for public accounting 
firms to express their views on technical and regulatory matters involving practice 
before the Securities and Exchange Commission (SEC) and the PCAOB. It also 
liaises with the SEC, PCAOB, Financial Accounting Standards Board, and others on 
technical and regulatory matters, including those related to financial reporting and 
audit quality. 


2 



95 


My comments represent the observations of the CAQ, but not necessarily the views of 
any specific firm, individual, or CAQ Governing Board member. 

Overview 

Let me begin by providing a brief summary of the objectives, benefits, and costs of 
the Act, each of which I will explore in greater detail in my testimony. 

The Act was passed to restore investor confidence in public companies and enhance 
investor protection by improving corporate governance and increasing the accuracy 
and transparency of financial reporting. This subcommittee played an important 
role in crafting the Act to years ago, at a time when the financial markets had been 
roiled by a series of significant financial reporting frauds, and one of the largest audit 
firms had gone out of business. Investor confidence had been shaken, and Congress 
responded in a near unanimous and bi-partisan fashion to improve the accuracy of 
public company financial reporting, and the quality of public company audits. 

We believe the benefits of the Act to investors and the capital markets more broadly 
have been substantial. In passing the Act, Congress explicitly recognized the 
interrelated roles that companies, audit committees, and auditors have in assuring 
the integrity of financial reports. Benefits of the Act include: (i) strengthened audit 
committees and corporate governance; (ii) enhanced auditor independence; (iii) 
improved transparency and accountability for financial reporting, in part through 
new requirements for public companies and their auditors focused on internal 


3 



96 


control over financial reporting; and (iv) independent oversight of the audit 
profession by the PCAOB. 

These benefits came with certain compliance costs — costs which are ultimately 
borne by investors whose confidence had been upset by a series of financial reporting 
failures. The compliance costs have declined significantly since the Act was first 
implemented, but nonetheless we understand they need to be considered in the 
appropriate context when examining the Act. 

We believe the Act has been successful in achieving its objectives. In many ways, it 
has also set new standards for corporate governance and auditor oversight that many 
other jurisdictions around the world have embraced. Also, we continue to examine 
w r ays to build upon the successful reforms of the Act to enhance financial reporting 
and audit quality’ and promote greater investor protection. I'll touch upon some of 
these areas later. 

Strengthened audit committees and corporate governance 

The Act placed the responsibility for overseeing a public company's financial 
reporting process and the appointment, compensation, and oversight of its external 
auditor, with the audit committee rather than management. It requires audit 
committee members to be independent of management. The audit committee 
therefore has a responsibility to protect the interests of investors, and auditors report 
directly to them in their oversight role. This change, which is one of the most 
important reforms for investors and the capital markets, increased the depth, 


4 



97 


breadth, and candor of dialogue between auditors and audit committees, improving 
financial reporting and audit quality. 

The Act strengthened audit committees by encouraging them to have at least one 
member who is a financial expert to serve as a resource to help the audit committee 
execute its responsibilities. Companies that do not have a financial expert must 
disclose this in their proxy statement and explain the rationale. 

Required communications between auditors and audit committees were enhanced by 
the Act. They included critical accounting policies and practices and alternative 
accounting treatments. Audit committees were required to establish procedures for 
receiving whistleblower complaints, providing another means to identify potential 
accounting, reporting, and internal control issues and promote improved financial 
reporting. 

Collectively, these changes enhanced the role of the audit committee, empowered it 

to effectively carry out its responsibilities, and significantly contributed to improved 

financial reporting and audit quality. Today, proxy filings indicate that audit 

committees meet with greater frequency than a decade ago, and almost half of all 

audit committee members are financial experts. This compares to only a small 

number in 2003 1 . The increase in audit committees' skill sets, coupled with 

enhanced communications requirements, better enables them to understand and 

challenge the adequacy and appropriateness of a public company's accounting and 

1 The Sarbanes-Oxley Act at 10: Enhancing the reliability of financial reporting and audit quality, 
Ernst & Young. 


5 



98 


financial reporting processes. They also help the audit committee better assess if the 
auditor has been objective and appropriately skeptical, and whether he or she has 
performed an effective audit. 

Enhanced auditor independence 

The Act introduced a number of changes to enhance the independence of public 
company auditors. We believe these changes were balanced and very effective, and 
have described them below. 

The Act prohibits audit firms from providing certain non-audit services to companies 
they audit that might compromise their independence. Examples of prohibited 
services include financial information systems design and implementation, and 
internal audit outsourcing services. In addition, it requires audit committees to pre- 
approve all sendees to be provided by a public company's auditor, including any 
permissible non-audit services, such as financial due diligence and tax compliance 
services. Thus, audit committees were empowered to determine which, if any, 
permissible non-audit sendees could be performed by the auditor. Transparency 
also was increased through new proxy statement disclosure requirements that enable 
investors to see the amount of fees paid by public companies to their auditors for 
audit and non-audit services. 

The Act requires the lead engagement partner to rotate off the audit engagement 
every five years, rather than seven as had been the case previously under the rules of 
the profession. It lengthened the "cooling off” period, the period before the partner 


6 



99 


can return to the engagement, from two years to five years. These requirements were 
extended to the engagement quality review partner as well, whose role is to perform 
an objective review of the significant judgments and conclusions of the engagement 
team. 

Conflict of interest rules restricting employment by public companies of former 
employees of its audit firm's engagement team were also expanded by the Act. In 
effect, the SEC's rules prohibit a former partner or professional employee of the audit 
firm who was a member of the audit engagement team from being employed by the 
public company in a financial reporting oversight role 2 until the audit firm has 
completed an annual audit without the individual. If the individual is a former 
partner, he or she may not have a remaining capital balance with the audit firm, and 
no individual can have a financial arrangement with the audit firm under which 
payouts would depend on the revenues or profits of the audit firm. 

Improved transparency and accountability for financial reporting 

Executive Officer Certifications 

One of the core elements of the Act was to place clear responsibility for a public 
company’s financial statements with its chief executive officer (CEO) and chief 
financial officer (CFO). CEOs and CFOs must individually certify that to their 
knowledge, the periodic financial reports filed with the SEC are materially correct, 


2 Defined in the SEC's final rule regarding auditor independence as a role in which an individual has 
direct responsibility for or oversight of those who prepare the registrant's financial statements and 
related information (e.g., management discussion and analysis), which will be included in a 
registrant's document filed with the SEC. 


7 



100 


and that those reports “fairly present” the public company’s operations and financial 
condition in all material respects. 

The CEO and CFO must certify that they are responsible for establishing and 
maintaining an effective system of internal control over financial reporting. 
Management must evaluate the effectiveness of internal control over financial 
reporting, and present its conclusion in a report that accompanies the financial 
statements. 

The Act further enhanced executive officers’ accountability for financial reporting by 
mandating stiff penalties — including forfeiture of bonuses and profits, potential SEC 
enforcement action, and criminal penalties — for knowingly certifying non-compliant 
financial reports. 

Internal Control Over Financial Reporting 

In addition to requiring management to evaluate and report its conclusion on the 
effectiveness of internal control over financial reporting, the Act requires auditors to 
attest to management's conclusion. This requirement has been applied to public 
companies whose market capitalization exceeds $75 million. We believe these 
requirements provide significant benefits to investors. They increase accountability 
of individuals involved in the financial reporting process, enhancing the qualify and 
reliability of companies’ financial reporting. 


8 



101 


For example, a study released by the SEC in 20093 found that the auditor attestation 
requirement caused management to devote more resources to a disciplined financial 
reporting process in order to better understand financial reporting risks, implement 
controls to address those risks, and address control issues in a more timely fashion. 
That study also noted that an auditor’s professional expertise in evaluating internal 
control over financial reporting provides incremental benefit to management’s 
assessment, and ultimately a benefit to investors, similar to the audit of the financial 
statements. Other studies have also found that restatements of financial 
information, an important area of concern to investors, are less frequent for 
companies subject to the auditor attestation requirement than those that are not-*. 
For these reasons, we believe that the discipline and accountability that the auditor 
attestation requirement provides is very important in today’s complex and ever 
evolving business and financial reporting environment. 

The above changes have also led to improvements in the audit committee's role in 
corporate governance. For example, auditors are required to communicate to the 
audit committee all significant deficiencies and material weaknesses in internal 
control over financial reporting that have been identified during the audit. This 
communication promotes important discussions about internal control over financial 
reporting among management, the audit committee, and the auditor -- helping 
improve the audit committee's oversight and the quality of companies' controls and 
financial reporting. 

3 Section V of the SEC’s Office of Economic Analysis Study of the Sarbanes-Oxley Act 0/2002 Section 404 
Internal Control Over Financial Reporting Requirements found at http://www.sec.gov/news/st11dies/2009/sox- 
404_study.pdf. 

4 See http: / / www.thecaq.org / newsroom / pdfs /CAOCommentLetter-SQX 404 (h~)Stiidv.pdf (page 3). 


9 



102 


Independent oversight of public company audits and auditors 

The Act established the PCAOB to oversee public company audits and auditors. We 
believe its activities, and in particular its inspections and standard-setting roles, 
which were conducted by the auditing profession under a self-regulation model prior 
to the Act, have been a significant factor in the improvement of audit and financial 
reporting quality over the past decade. 

The largest audit firms are inspected by the PCAOB on an annual basis, while others 
are inspected at least every third year. The inspection process provides the PCAOB a 
basis for assessing the degree of compliance by an audit firm with applicable 
requirements related to auditing public companies. It includes reviews of 
components of selected public company audits completed by audit firms and the 
policies and procedures related to certain quality control processes of audit firms, 
such as those used to monitor audit performance and risks in accepting and retaining 
clients. 

The PCAOB's inspections promote audit quality a number of ways. For example, 
they reinforce accountability for audit quality at all levels of an audit firm, including 
leadership. The inspections also highlight opportunities for audit firms to improve. 
This might include identifying areas on an engagement where more or different audit 
procedures should be performed. The inspections also help identify areas in which 
additional training, audit guidance, skills, or communications may be needed. 


10 



103 


It is also important to note that the PCAOB’s inspection activities are not limited to 
the U.S. The PCAOB has made significant progress over the past several years 
reaching inspection agreements with audit regulators in other territories. These 
efforts are ongoing, and US regulators are seeking to obtain better alignment in those 
cases where US and local territory laws conflict. Thus, international inspections also 
promote investor protection, particularly in light of the ever increasing complexity 
and global scale of business. Many jurisdictions have adopted similar independent 
auditor oversight models. 

Standard-setting can also have a significant impact on audit quality. The PCAOB 
publishes its standard setting agenda, and solicits feedback, in part, through its 
Standing Advisory Group (SAG). The SAG comprises investors, public company 
executives, audit committee members, auditors, and other stakeholders. I am a 
member of the SAG, as are several other individuals in the member firms of the CAQ. 
Also, the CAQ, including the PPEC, works closely with the PCAOB and its Staff on 
new and emerging auditing issues, with a focus on promoting standards that 
enhance financial reporting and audit quality. 

Costs of the benefits 

We recognize the aforementioned benefits associated with the Act came with certain 
costs of compliance, costs which have generally declined over the last ten yearss. In 
fact, a July 2012 report by Audit Analytics found that in 2011, audit fees, as a 


5 Protiviti’s 2010 Sarbanes Oxley Compliance Survey can be found at 
http://www.auditnet.org/articles/KL201010.pdf. 


11 



104 


percentage of public company revenues, were at the lowest level since 2004, the first 
year of the Act 6 7 . 

In order to put the above in context, it is helpful to consider how the Act's 
implementation has evolved over time. The PCAOB’s original auditing standard on 
internal control, issued in 2004, was widely viewed as being too rules-based and 
costly, as audit hours, audit fees, and companies' associated internal costs increased 
significantly. The PCAOB recognized these concerns and responded by issuing a 
revised standard in 2007 that was intended to promote a more risk-based audit and 
was less prescriptive, thereby allowing the use of more auditor judgment. While 
focused on maintaining audit quality, that standard generally resulted in reductions 
to the nature and extent of audit procedures, and a corresponding reduction in audit 
hours and fees?. 

The PCAOB also published staff guidance on its revised standard for audits of 
smaller public companies 8 . This guidance was intended to facilitate more efficient 
and effective audits of internal control over financial reporting for smaller, less 
complex public companies. The PCAOB conducted forums across the country for 
auditors of smaller audit firms, to help address implementation issues associated 
with its revised standard. 


6 Audit Analytics' Audit Fees and Non-Audit Fees: A Ten Year Trend, July 2012 (page 3). 

7 http:/ / www.sec.gov/news/studies/ 20ii/404bfloat-study.pdf. 

8 PCAOB Staff Views An Audit of Internal Control Over Financial Reporting That is Integrated with 
An Audit of Financial Statements Guidance for Auditors of Smaller Public Companies . 


12 



105 


The SEC also undertook targeted reforms that resulted in more efficient and effective 
implementation of the internal control requirements of the Act. It released guidance 
in 2007 for companies to use in their assessments of internal controls. This guidance 
improved management assessments, which has contributed to an increase in auditor 
efficiency. 

In addition, the recently passed Jump Start our Business Startups Act (JOBS Act) 
also provides certain relief to emerging growth companies, including a temporary 
exemption from the auditor attestation on internal control over financial reporting. 
While we believe that the auditor attestation requirement enhances investor 
protection, we understand the cost/benefit balance achieved by providing emerging 
growth companies additional time to comply with it. 

Aside from actions by Congress, the PCAOB, and the SEC, other factors have 
contributed to the downward trend in costs related to the internal control 
requirements. For example, as the work of auditors and public companies in this 
area has evolved over the years, there continue to be efficiencies gained by both. 
Management’s processes and activities that support a public company's required 
assertion about internal control over financial reporting have become more 
integrated with their day-to-day activities and related financial reporting, in part due 
to investments to update information technology systems. Further, auditors have 


9 SEC Guidance Regarding Management's Report on Internal Control Over Financial Reporting 
Under Section 13(a) or 15(d) of the Securities Exchange Act 0/1934. 
http://www.sec.gov/rales/interp/2007/33-8810.pdf 


13 



106 


made continued progress in integrating their audits of internal control over financial 
reporting with their financial statement audits. 

Thus, the collective impact of these factors has led to a general decline in compliance 
costs associated with the internal control provisions of the Act. 

Continuous improvement 

Often the only time the investing public hears about a significant financial reporting 
or auditing issue tends to be when the financial reporting system has not worked as it 
should, whether it is a restatement of the financial statements, an audit deficiency, or 
other matter. We believe the accountability and transparency provided by the Act 
has been a significant deterrent to potential wrong doers. Also, in some respects, 
investors do not hear anything when the system works and delivers the value that 
was intended, which is the case the vast majority of the time - - issues are identified 
and fixed, internal controls are improved, and auditor performance and audit 
committee oversight are effective. 

That said, the auditing profession is constantly looking for ways to make the system 
better, with appropriate consideration of cost/benefit. Accordingly, we are actively 
engaged in the dialogue with investors, audit committees, regulators and others on 
ways to further enhance financial reporting and audit quality'. For example, the CAQ 
has been supportive of a number of the PCAOB's recent proposals, including making 
improvements to the auditor's reporting model and audit committee 
communications. We also support looking for ways to have more meaningful 


14 



107 


conversations -with audit committees about PCAOB inspection findings for a given 
engagement. Further, the CAQ is working with the audit committee community to 
identify what auditors can do to promote best practices for audit committees as they 
execute their responsibilities. 

Closing 

To briefly recap, we believe the Act has achieved its objectives, and that the benefits 
to investors and the capital markets more broadly are substantial. It (i) strengthened 
audit committees and corporate governance; (ii) enhanced auditor independence; 

(iii) improved transparency and accountability for financial reporting; and (iv) 
established independent oversight of the audit profession by the PCAOB. 

Though the significant benefits achieved did include certain compliance costs, those 
costs have generally declined over the past 10 years, in part due to additional 
experience and process improvements by public companies and their auditors, and 
other actions. 

Lastly, we believe that the best course looking forward is to build upon the successful 
reforms of the Act. We commit to fulfilling our role by engaging investors, audit 
committees, regulators, and others on this subject with a clear focus on enhancing 
investor protection. 

Thank you. I would be happy to take any questions you might have. 


15 



108 


Biotechnology 
Industry 
Organization 

Jeffrey S. Hatfield 

President and Chief Executive Officer, 

Vitae Pharmaceuticals 

On behalf of the Biotechnology Industry Organization 

Before the United States House of Representatives Committee on Financial Services, 
Subcommittee on Capital Markets and Government Sponsored Enterprises 

"The 10 th Anniversary of the Sarbanes-Oxley Act" 

July 26, 2012 

Executive Summary 

Vitae Pharmaceuticals is a clinical-stage biotechnology company based in Fort Washington, 
Pennsylvania. The Biotechnology Industry Organization (BIO) represents Vitae and more 
than 1,100 innovative biotechnology companies, along with academic institutions, state 
biotechnology centers, and related organizations in all 50 states. 

BIO supports H.R. 6161, the Fostering Innovation Act, which would amend the filing status 
classifications in SEC Rule 12b-2 to provide a more accurate picture of growing businesses. 

o The bill would raise the minimum public float requirement for accelerated filers to $250 
million, allowing non -accelerated filer start-ups to expand and change without fear of 
impeding their growth with costly regulations. 

o The bill would add a revenue component to the accelerated filer definition, ensuring that 
companies with revenue below $100 million spend their critical innovation capital on 
groundbreaking research and development rather than regulatory burdens. 

It can take more than a decade and over $1 billion to bring a single biotechnology therapy 
from laboratory bench to hospital bedside. 

Biotech companies undertake the development process without the benefit of product 
revenue. Every dollar spent on regulatory compliance is an investment dollar diverted from 
innovation. 

Biotech companies have few employees, a simple corporate structure, and investors that 
are more concerned with clinical milestones than financial reporting. The cost of regulatory 
compliance often outweighs its benefit. 

Public company regulatory requirements deter early-stage private investors and prevent 
later-stage companies from accessing the capital available on the public market. 

The costs of Sarbanes-Oxley Section 404(b) compliance can be greater than $1 million per 
year for an average biotech company. These costs are borne at the expense of research 
and development. 

The SEC Rule 12b-2 filing status classifications that determine public company regulatory 
requirements are outdated and do not accurately represent the true nature of smaller 
companies. 



BIO Contact; Charles H. Fritts 
cfritts@bio.org 
(202) 962-6690 


109 


1 S- 

Testimonv of Jeffrey S. Hatfield 

Good morning Chairman Garrett, Ranking Member Waters, and Members of the 
Subcommittee. My name is Jeff Hatfield, and I am the President and Chief Executive Officer 
of Vitae Pharmaceuticals in Fort Washington, Pennsylvania. I am also a member of the 
Emerging Companies Section Governing Board at the Biotechnology Industry Organization 
(BIO). I want to thank you for the opportunity to speak with you today about the unique 
hurdles that biotechnology companies face in their search for groundbreaking medicines and 
how finding the important balance between regulations that protect investors and regulatory 
burdens that stifle growth is key to speeding the delivery of cures and treatments to 
patients who desperately need them. 

Vitae's experience is emblematic of a typical emerging biotech company. The long 
development period intrinsic to the groundbreaking research that we do means that it can 
take a decade to bring a therapy from laboratory bench to hospital bedside - and often, as 
in Vitae's case, it takes much longer. Our company was founded in late 2001, and we have 
spent the past ten years working toward treatments to some of the most widespread and 
devastating diseases that the world faces, including diabetes, Alzheimer's, atherosclerosis, 
and chronic kidney disease. Our lead product, a compound designed to preserve kidney 
function by inhibiting damage-causing renin, just completed Phase I clinical trials. Although 
we are optimistic about its progress, and that of the rest of our development pipeline, we 
expect to be in clinical trials for at least another four to six years before moving on to the 
approval process at the FDA. Quite simply, developing a novel therapy is a long, difficult 
process - but the results can save lives. Entrepreneurs across the biotech industry are 
conducting groundbreaking science like ours, and are deeply invested in treating the severe 
illnesses that families around the nation and world face. 

The story of biotech drug development is one of advancement. As a given molecule moves 
through the development process, it requires an ever increasing amount of resources to 
progress the drug candidate closer to a stage where it could save a patient's life. From the 
initial discovery in the lab and basic toxicology research to early Phase I studies and, 
eventually, sweeping Phase III trials to determine efficacy - the science involved gets ever 
more complex, and the clinical stakes get higher as companies move closer to a cure. 

However, while the science is increasingly intricate, our corporate structure remains 
essentially the same. After all, over 90% of biotech companies have fewer than 100 
employees. 1 Vitae has just 55. As scientists, we are innovators expanding the world's 
understanding of human life. As a corporation, we strive to stay as simple as possible so 
that the maximum amount of investment dollars can flow directly to our R&D. 

This efficiency is extremely important given the massive amount of funding required to 
develop a biotechnology treatment. The extended development period and groundbreaking 
science require over $1 billion to bring a single therapy to market. Further, the entire 
process is undertaken without the benefit of product revenue. Eariy-stage biotech 
companies do not have the luxury of using the sale of one product to finance the 
development of another. Rather, the entire cost of drug development is borne by external 
investors. These funds can be raised in any number of ways - seed financing from an angel 
investor could lead to increased investment from venture capitalists, a larger 
pharmaceutical company could offer a partnership opportunity, or public financing via the 
IPO market might be the appropriate avenue for a given firm. Most companies use some 
combination of financing methods to continue their research. But the common message 
from all investors is the utmost importance of using their funds efficiently. Companies and 


1 BIO Emerging Companies Section Membership Survey, 2011. 


2 



110 


if 

investors alike understand this key aspect of the biotech business model - because 
investment dollars go directly from the investor to the lab, any diverted funds are, by 
definition, lost to innovation. And any delay in innovation has a corresponding delay in the 
delivery of new medicines to patients who need them. 

The efficient use of investment funds has always been imperative for biotech companies, 
but it has taken on increased import given the current financing environment. In 2011, the 
total number of investment deals between biotech companies and venture capitalists 
dropped 8%, 2 and a recent National Venture Capital Association (NVCA) study found that 
41% of VCs decreased their investments in the biopharma sector over the last three years. 3 
This trend has hit small companies the hardest, as the number of start-ups receiving 
funding in 2011 dropped 19% from 2010. Further, there were only 98 first round venture 
deals with biotechnology companies in 2011, a significant drop from the industry's peak of 
141 in 2007. 4 Small, start-up companies are the innovative heart of our industry, but 
depressed financing means that potential cures and treatments are often left on the 
laboratory shelf. 

Biotech companies considering the public market are also facing a decline in capital 
availability. In 2011, there were only eight IPOs of venture-backed biotech companies. 

Those IPOs raised $517 million, down from the $1.2 billion raised in 2007 by 19 IPOs. 5 
Although the industry is slowly recovering from its recession-induced nadir (in 2008 there 
was only one biotechnology IPO), this progress has been made almost entirely by larger, 
more mature companies. These more established companies are getting better deals and 
emerging companies making their first forays onto the public market are getting squeezed 
out. Small companies that do manage to make it onto the public market often face an 
underpriced IPO and a lack of liquidity. 

These private and public financing problems are not independent of one another. A 
significant reason for reluctance in venture investing has been the inaccessibility of the 
public markets. Venture capital investors need to know that they will have an exit through 
which they can get a return on their investment; often, they look for this exit when a 
company files for an IPO. With companies reluctant to go public, venture capital firms are 
turning elsewhere to make their investments, leading to a dearth of innovation capital for 
biotechnology. 

Given the increased difficulty of obtaining essential funding, the efficient use of capital is of 
utmost importance. Regulatory burdens that impose significant costs, then, have become 
increasingly damaging. In a 2011 survey conducted by the IPO Task Force, 86% of CEOs 
cited "accounting and compliance costs" and 80% cited "SOX and regulatory risks" as key 
concerns about going public. 6 Biotech companies that would otherwise look to the public 
market to fund their late-stage trials are reconsidering, fearful of the costly regulations that 
often stifle their progress by siphoning off research dollars. 

The Sarbanes-Oxlev Act of 2002 

This coming Sunday will mark ten years since the Sarbanes-Oxley Act (SOX) was signed 
into law by President Bush. Enacted as a response to scandals at Enron and WorldCom, 


2 NVCA/PWC MoneyTree Report: Q4 2011. Data provided by Thomson Reuters. 

3 NVCA and MedIC. "Vital Signs: The Crisis in Investment in U.S. Medical Innovation and the Imperative of FDA 
Reform." October 2011. 

4 Inside BIO Industry Analysis. "Venture Capital increases in 2011, but..." 24 January 2012. 

5 Rockoff, Jonathan D. and Pui-Wing Tam. "Biotech Funding Gets Harder to Find," Wall Street Journal. 16 March 2012. 

6 IPO Task Force. "Rebuilding the IPO On-Ramp." October 2011. 


3 



Ill 



among others, SOX seeks to protect investors through greater transparency. I support this 
goal. Large, multi-national corporations have thousands of investors and a complicated 
corporate structure that can be obdurately opaque to an outside observer. 

In the biotech industry, an informed investor is a good one. However, the information that 
these investors want and need does not always align with what is required by SOX. Section 
404(b) requires an expensive external attestation of a public company's internal controls, to 
be disclosed to investors on an annual basis. The true value of a biotech company is found 
in scientific milestones and clinical trial advancement toward FDA approvals rather than 
financial disclosures of losses incurred during protracted development terms. The business 
model of biotechnology is simple - we take in millions of dollars to fund our research and 
often do not earn a single penny in product revenue for more than a decade. Our science is 
the interesting part of our business, and it is the most important thing for investors to 
understand. Investors make their decisions based on scientific results and development 
milestones, not the statements and reports mandated by Section 404(b). Thus, the 
financial reporting required does not provide much insight for potential investors, meaning 
that the high cost of compliance far outweighs its benefits. 

In fact, spending capital on regulatory burdens can actually slow the development process, 
increasing the time it takes to reach the important milestones that trigger new investments. 
Without product revenue, biotech companies on the public market are forced to ask 
investors to pay for SOX reporting rather than scientific research. The cost burden of these 
regulations, and therefore the amount of capital diverted from R&D, is significant. In 2011, 
an SEC study found the costs of Section 404 compliance to be nearly $1 million for 
companies with a public float between $75 million and $250 million. 7 We have done 
internal analysis at Vitae and arrived at a similar figure - if we decided to go public, it would 
cost us roughly $1 million annually to comply with SOX Section 404(b), to say nothing of 
the steep learning curve, and corresponding costs, that the first few years of compliance 
would entail. For a company with just 55 employees, compliance would cost nearly $20,000 
for each person on our staff. This cost would be borne entirely by our investors. 

Congress has taken some steps to relieve the cost of this regulatory burden. In 2010, 
Dodd-Frank provided a permanent exemption from Section 404(b) compliance for non- 
accelerated filers, those with a public float below $75 million. This change was welcome, 
and has allowed the smallest of companies on the public market to escape the costs of SOX. 
More recently. Congress passed the JOBS Act, providing emerging growth companies five 
years to transition onto the public market, during which time they are exempt from 404(b) 
compliance provided their revenues remain below $1 billion and their public float stays 
under $700 million. 

This five-year exemption, in combination with the other regulatory allowances provided by 
the JOBS Act IPO on-ramp, is already proving alluring to growing biotech companies. Since 
President Obama signed the JOBS Act into law on April 5, 46 companies have taken the step 
toward the public market as an emerging growth company, either by filing a new S-l or by 
taking advantage of the provision's retroactivity to December 8, 2011 and submitting an S- 
1/A to amend their existing filing. Of those 46 filers, 12 were biotech companies. 8 Further, 

I understand that many other companies are taking advantage of the confidential filing 
process made available by the JOBS Act. The fact that over a quarter of the emerging 

7 SEC, Office of the Chief Accountant. "Study and Recommendations on Section 404(b) of the Sarbanes-Oxiey Act 
of 2002 for Issuers With Public Float Between $75 and $250 Million." April 2011. 

s Analysis of post-JOBS S-l and S-l/A filings. This data only includes companies which have filed publicly. The 
JOBS Act contains a provision allowing emerging growth companies to file a confidential draft registration 
statement with the SEC; the confidential nature of those S-ls makes them impossible to track. 


4 



growth companies that have filed publicly are from the biotech industry shows both the 
desire of growing biotechs to access the capital available on the public market and their 
reluctance to do so in the face of costly regulatory burdens. 

While the five years of non-compliance in the JOBS Act will provide an easier transition 
period post-IPO, it remains the reality that the biotech development period is much longer 
than five years, and that small biotech companies will still be without product revenue after 
the on-ramp expires and SOX compliance kicks in. They will then be forced to ask their 
investors to pay for bureaucratic red tape rather than innovative research. Further, the 
JOBS Act did not address the needs of companies that are currently on the public market. 
These companies are already complying with Section 404(b), with no relief in sight. The 
cost of this compliance is millions of dollars of diverted funds for the company, and delayed 
medical breakthroughs for patients. 

H.R. 6161. the Fostering Innovation Act 


Rep. Mike Fitzpatrick has Introduced legislation to relieve smaller companies of the cost 
burden caused by Sarbanes-Oxley and other onerous regulations. H.R. 6161, the Fostering 
Innovation Act, would amend the filing status classifications in SEC Rule 12b-2 to provide a 
more accurate picture of the growing businesses that are weighed down by the various 
reporting requirements obligatory for public companies. 

Rule 12b-2 establishes three distinct classifications by which public companies determine 
their filing status. A company's filing status carries with it a designation of its regulatory 
burden, designed to increase as a company gets larger and more complex. The filing status 
classifications are defined in terms of a company's public float: 

• large accelerated filers - companies with a public float of more than $700 million; 

• accelerated filers - those with a public float of more than $75 million but less than 
$700 million; and 

• non-accelerated filers - companies with a public float of less than $75 million. 

Because the filing statuses for accelerated and large accelerated filers carry with them 
onerous regulatory duties and compliance costs, finding a method of designation that fairly 
captures a company's profile is essential. The SEC understands that there should not be a 
one-size-fits-all approach to public company regulation, but the current filing classifications 
are outdated and do not reflect the true nature of many small public companies. 

Despite their simple corporate structure and lack of product revenue, many biotechs have a 
relatively high public float. Although Vitae is still private, we believe that if we filed for an 
IPO our public float could be In the $75 million to $250 million range that the SEC studied in 
2011, as mandated by Dodd-Frank. Biotechs often find themselves grouped with the 
accelerated filers and obliged to comply with the numerous regulatory burdens attendant to 
that definition, including SOX. 

Rep. Fitzpatrick's bill would raise the minimum public float requirement for accelerated filers 
to $250 million, classifying companies with public floats below that level as non-accelerated 
filers. This increase from $75 million to $250 million would allow start-ups to expand and 
change without fear of impeding their growth with costly regulations. Many biotechs have 
public floats in or near that range, and the flexibility provided by H.R. 6161 would allow 
them to focus on their innovative research rather than shifting funds to compliance costs. 



The Fostering Innovation Act would also add a revenue component to the accelerated filer 
definition. Under the bill, accelerated filers would be described as those with revenues in 
excess of $100 million. Thus, any company with revenues below $100 million, regardless of 
public float, would be considered a non-accelerated filer. As I have mentioned, the most 
damaging facet of SOX for the biotech industry has been the diversion of investment funds 
from science to compliance in the absence of product revenue. Rep. Fitzpatrick's bill reflects 
this reality by classifying low-revenue companies as non-accelerated filers. If enacted, H.R. 
6161 will ensure that critical innovation capital is spent on groundbreaking research and 
development rather than regulatory burdens. 

Complying with non-accelerated filer standards rather than those required of accelerated 
filers would provide tremendous relief for growing companies. The exemption from SOX 
Section 404(b) alone would save innovative start-ups millions of dollars. Additionally, non- 
accelerated filers have a relaxed timeline for their quarterly disclosures because their small 
size and lack of a large compliance department make the filings more onerous - attributes 
shared by biotech companies currently in the accelerated filer bucket. Non-accelerated 
filers also enjoy certain allowances within those filings, including exemptions from 
Compensation Discussion and Analysis (CD&A) reporting, the elimination of certain 
disclosures about market risk and other risk factors, and exclusions for some financial data. 
These changes would allow small biotech companies to focus on their mission of delivering 
cures and treatments to patients who need them rather than time-consuming and costly 
reporting. 

The regulatory allowances in H.R. 6161 would not extend to accelerated or large accelerated 
filers. The bill maintains the important investor protections required of these large 
companies while recognizing the simpler corporate structure of non-accelerated filers. 
Updating the filing status definitions in Rule 12b-2 would reflect the true nature of small 
public companies while maintaining important requirements for larger corporations. New 
definitions would group companies with common characteristics together, giving the SEC 
more accurate classifications and providing important regulatory relief to innovative 
startups. 

Public Company Accounting Oversight Board ( PCAOB1 

Section 404(b) compliance for small public companies has received the bulk of the attention 
paid to Sarbanes-Oxley in the ten years since its enactment, but the law contained much 
more than this one provision. Notably, Title I of SOX established the Public Company 
Accounting Oversight Board (PCAOB). Better alignment of the interests of shareholders 
with the interests of independent audit committees and oversight authorities was an 
important objective of SOX. 

I do believe overall audit quality has been improved as a result of PCAOB inspections and 
standard-setting. However, there are other areas of concern in which potential PCAOB 
action could place additional undue burdens on small public companies. 

Last August, the PCAOB issued a concept release on auditor independence and asked for 
public comment on mandatory audit firm rotation. The concept release suggested that 
requiring public companies to change audit firms periodically would increase independence 
and skepticism in the audit report. However, I believe such a requirement could result in a 
prohibitive added cost to the public company, with very little added benefit to the investor. 
Increased audit fees, combined with a steep learning curve for each new audit firm, would 
greatly increase the cost burden on growing companies. Biotech companies in particular 
would bear the brunt of the proposed changes, as there are relatively few audit firms that 



are familiar with our industry. Increased costs combined with an extended transition period 
to bring a new firm up to speed would distract from and delay the search for cures and 
treatments. 

Additionally, the PCAOB issued another concept release last year to revise the standard 
audit report to include more information. While I do not object to the principle proposed, it 
is important to prevent such a requirement from placing significant increased liability on the 
auditor, thus greatly increasing costs for small public companies. 

It is important to note - especially when debating the value of 404(b) compliance - that 
SOX did enhance corporate accounting in many ways. Sarbanes-Oxley took necessary steps 
to combat corporate accounting fraud by boosting penalties for such white-collar crime. I 
believe these steps aided in restoring investor confidence and continue to help weed out 
corporate bad actors. That said, as we acknowledge the ten year anniversary of SOX, 
Congress has the opportunity to reexamine which parts of the Act continue to provide 
important investor protections and which are driving businesses away from the United 
States through costly overregulation. 

Closing Remarks 

The biotechnology industry is a significant economic growth engine, directly employing 1.6 
million Americans and supporting an additional 3.4 million jobs. 9 The goal of our industry is 
to find and deliver cures for the devastating diseases that each of us - personally or among 
families and friends - will likely have to face. But there are tremendous challenges to 
overcome. One of the most significant for the broad array of small companies that make up 
the biotech industry is funding the extremely high cost of conducting research. It forces us 
to be very efficient and careful with each dollar we are able to attract from investors. 

When regulatory requirements exceed or do not align with the primary needs of the public 
or investors, that regulation becomes an unnecessary expense burden, meaningfully and 
directly subtracting from the investment capital driving the discovery and advancement of 
potential scientific breakthroughs. Some of the regulatory requirements imposed by 
Sarbanes-Oxley fit that definition. Those regulations increase bureaucracy and operating 
costs for biotech companies, taking away money from research, blocking job creation, and 
slowing the overall development of science in our labs. If Congress can relax this regulatory 
burden on small companies like those found in the biotech industry, it will allow innovators 
and entrepreneurs to continue working toward delivering the next generation of medical 
breakthroughs - and, one day, cures - to patients who need them. 


Battelle/BIO State Bioscience Industry Development 2012. Battelle Technology Partnership Practice, June 2012. 



115 


C fei 

financial executives 
internation ai 

4¥wwli«3ndalgxecutivss^)rg 


Testimony of Marie N. Hollein, CTP 
President and Chief Executive Officer 
Financial Executives International 


Before the 

Subcommittee on Capital Markets 
and Government Sponsored Enterprises 
Committee on Financial Services 
U.S. House of Representatives 


On the Topic of 

The 10 lh Anniversary of the Sarbanes-Oxley Act 


July 26, 2012 



116 


Prepared Testimony to the Subcommittee on Capital Markets and Government 
Sponsored Enterprises 


By Marie N. Hollein, CTP 

President and Chief Executive Officer, Financial Executives International 
On Behalf of Financial Executives International 
July 26, 2012 


Good morning Chairman Garrett, Ranking Member Waters, and members of the 
subcommittee, l am pleased to testify before you today concerning “The 10th Anniversary 
of the Sarbanes-Oxley Act,” which continues to impact members of the organization I lead. 
Financial Executives International. 

FEI is a professional organization of 15,000 senior-level financial executives — including 
chief financial officers, controllers, treasurers, and tax executives — from more than 8,000 
private and public companies, across all industries. 

FEI provides a unique forum for senior-level financial executives, and its mission 
incorporates what we refer to as the “4 I’s”: 

• Interaction; 

• Information; 

• Influence; and 

• Integrity 

These pillars are paramount for FEI members, and serve as our policymaking roadmap in 
Washington. 

Integrity is not only the bedrock for our organization; it is the necessary first principle for 
effective markets. From families saving for retirement to professionals managing billions 
of dollars, every investor depends on accurate and reliable financial reporting. Without the 
trust that comes with market integrity and sound corporate governance: investors 
withdraw, capital markets wither, companies cannot grow and jobs become scarce. 

Ten years ago, after corporate scandals began to damage investor confidence in this 
country, Congress passed Sarbanes-Oxley. Today, with the benefit of hindsight and 
history, we have an opportunity to examine what has worked in the realm of corporate 
governance, and how we might do better in the future. 


2 



117 


In my statement today, I will cover four issues: 

• FEI’s role in Sarbanes-Oxley; 

• The costs and benefits of the law; 

• How it compares to Dodd-Frank; and 

• Other on-going, anti-fraud initiatives. 

Over the course of the Sarbanes Oxley debate, FEI offered several recommendations that 
Congress eventually adopted into the legislation, these included provisions concerning 
auditor independence, whistleblowers, the creation of the PCAOB and the addition of a 
financial expert to companies’ audit committees. FEI also recognized that while the vast 
majority of financial executives conduct themselves with unwavering integrity, because of 
our special role in corporate governance, our members need to adhere to a specialized code 
of ethical conduct. This recommendation resulted in the requirement that a company’s 
CEO, CFO and/or CAO certify the firm’s financial statements. 

The requirement that CEOs personally certify their company’s financial statements is the 
crown jewel of Sarbanes-Oxley. This personal responsibility sets the tone at the top, 
increasing accountability and driving better corporate governance. 

After its passage, even ardent supporters of SOX acknowledged portions of the law were 
costly and time-consuming. The vast majority of financial executives found the initial SEC 
and PCAOB rules implementing SOX were overly prescriptive. The SEC and PCAOB 
incorporated this feedback into subsequent rule-makings, which FEI appreciates. 

Attempting to measure the cost of SOX, FEI has annually conducted an Audit Fee Survey. 
We found that for public companies who responded to our survey regarding their audit fees 
for the year 201 1 , on average, fees continue to rise 5% from the prior year, to $4 million 
per company. Clearly, the cost of compliance continues to grow. 

Sarbanes-Oxley has clearly increased audit fees and the hours devoted to audits for our 
members. But, our members are now facing additional costs on a much greater scale 
stemming from Dodd-Frank. When comparing these two laws, Dodd-Frank trumps 
Sarbanes-Oxley in size and scope, but also in the sheer number of rules that even non- 
financial companies must comply with. SOX required only 14 new SEC rules, whereas 
Dodd-Frank requires the SEC to tackle 100 new rulemakings. 

Remember, most of our members work for Main Street, not Wall Street, businesses. Yet 
even for them, the Volcker rule carries liquidity impacts. And, derivatives regulation is 
likely to increase costs and hinder risk management practices for senior-level financial 
executives in every industry. 


3 



118 


With respect to H.R. 6161 offered by Congressman Fitzpatrick, while FEI currently does 
not have a position on the bill, a number of our members’ companies would benefit from 
the increase in reporting flexibility it provides. 

As we look back at older laws, and consider new ones, it is important to remember that 
new laws and regulations are not the only path to better markets. FEI also believes strongly 
in ‘stepping up’ to the plate to research, improve and share best practices in deterring and 
detecting fraud. For example: 

> FEI is one of the five founding members of COSO, the Committee of Sponsoring 
Organizations of the Treadway Commission. Currently, COSO is updating its 
Internal Control - Integrated Framework which is widely utilized by auditors in 
examining a company’s internal controls and ensuring their effectiveness. 

> FEI is also a member of the Anti-Fraud Collaboration. The collaboration draws on 
expertise from across the financial reporting supply chain, and sponsors anti-fraud 
education and projects for the profession. 


Ensuring market integrity is at the center of each of our efforts, and the goal of all of us in 
this room today. Thank you for the opportunity to address you this morning. 1 look forward 
to your questions on these and other topics. 


4 



The Institute of 
Internal Auditors 

Statement of 

The Institute of Internal Auditors 
House Committee on Financial Sendees 
Subcommittee on Capital Markets and Government Sponsored Enterprises 
“The 10 ,h Anniversary of the Sarbanes-Oxley Act” 


Chairman Garrett, Ranking Member Waters and members of the Subcommittee: 

The Institute of Internal Auditors (The IIA) is pleased to submit this written statement for the record 
in connection with this important hearing. 

The IIA is the internal audit profession’s global voice, acknowledged leader, chief advocate, and 
principal educator. As the profession’s recognized authority, The IIA has actively supported its 
members in their role of assisting organizations implement and execute the requirements of the 
Sarbanes-Oxley Act (Sarbanes-Oxley). We appreciate the chance to provide Congress with our 
perspective on the importance of strong corporate governance, risk management and internal 
controls as enhanced by Sarbanes-Oxley as it relates to financial reporting. 

Established in 1941, The IIA is the sole recognized world leader in certification, education, 
research, standards and guidance for the internal audit profession. The HA’s more than 175,000 
global members (of which over 63,000 are in the United States) work across a wide range of 
disciplines, including internal auditing, risk management, governance, internal control, information 
technology audit, education, and security. The IIA is dedicated to supporting quality, professional, 
and ethical practices across all industry sectors as well as public enterprises, providing internal audit 
practitioners, executive management, boards of directors, and audit committees with guidance 
designed to enhance governance, risk management and control. We are engaged with many 
government, professional and standard setting bodies around the world as they all pursue enhancing 
organizational governance, risk management, and control activities. 

The Sarbanes-Oxley Act was designed, among other things, to improve corporate governance and 
restore investor confidence in the wake of notable scandals such as Enron and WorldCom. The 
legislation included a number of reforms intended to, for example, improve the reliability of 
corporate financial reporting. Sarbanes-Oxley helped achieve this by establishing oversight of 
public company audits, requiring certification of financial statements by the chief executive officer 
(CEO) and chief financial officer (CFO), and requiring greater independence from audit committees 
and auditors. As we approach the tenth anniversary of this landmark legislation. The IIA believes 
such legislative reforms, while never perfect, have brought key financial reporting matters to the 



The institute of 
Internal Auditors 

forefront of corporate consciousness and have resulted in meaningful improvement in the 
disciplines associated with the integrity of reported financial data and related operating results. 
Internal audit plays a significant role in overall corporate governance. The IIA believes the four 
cornerstones of effective corporate governance are the Board of Directors (supported by a well 
qualified audit committee), executive management, internal audit, and external auditor. When these 
governance cornerstones work effectively, internal controls are enhanced, reporting has greater 
integrity, ethics are stressed, oversight is improved, risks are more effectively identified and 
mitigated, and, most importantly, investor confidence can be restored and maintained. 

Since Sarbanes-Oxley was enacted, these cornerstones have been improved, as companies have 
become more transparent and vigilant in managing and mitigating the risk of inaccurate or 
fraudulent financial reporting. In so doing, many companies have significantly enhanced their 
understanding of key risks and controls surrounding the financial reporting process. The IIA agrees 
that effectively mitigating risk and having appropriately robust control processes around financial 
reporting is paramount and should be a major priority for board and audit committee members as 
well as executive management. 

Good organizational governance is simply good business. Sarbanes-Oxley, while not perfect, has 
created a foundation for the future of corporate governance and internal controls in support of 
financial integrity and reporting. There are many who can and will, appropriately, debate the 
benefits and burdens resulting from the Sarbanes-Oxley legislation. Many will also say that you 
can never legislate ethics, with such legislation only making already ethical people work harder. 
However, in the end, the responsibilities and accountabilities placed on Corporate America as a 
result of Sarbanes-Oxley, on the whole, have made a positive impact. We applaud this 
subcommittee’s activities to assess the impacts of Sarbanes-Oxley at its one decade anniversary. 
Like any piece of significant legislation, there likely remain opportunities to better focus some 
aspects of the legislation and related regulations, clarify its intent, and reduce the associated costs. 
We would be honored to be an active participant in future conversations and debates as this topic 
progresses. 

Today, more than ever, internal auditing is critical to strong corporate governance. As noted by 
Carlo di Florio, Director of the Securities and Exchange Commission Office of Compliance 
Inspections and Examinations, the financial crisis should serve as a reminder of the fundamental 
need for stronger ethics, risk management, and regulatory compliance practices to prevail. The IIA 
believes every organization, regardless of size, benefits from a fully resourced and professionally 
competent internal audit staff that provides value-added services critical to efficient and effective 
organizational management. 

Internal auditors are well versed in risk management and control and are capable of helping 
companies address complex business challenges. Performed by professionals with an in-depth 
understanding of the business culture, systems and processes, internal audit assists their 
organizations by independently identifying and examining risks and controls supporting the 
accuracy of financial reporting. In particular, internal auditors can be instrumental in reporting risks 



121 



The Institute of 
Internal Auditors 

threatening the achievement of strategic and operational objectives, as well as helping identify 
potential fraud involving management or others. When optimized, internal audit can fulfill its most 
fundamental role — that of supporting management’s and boards of directors’ ethical pursuit of 
achieving organizational objectives. 

The I1A stands ready to assist Congress and the regulators raise the standards of business conduct 
and impress on organizations the need to follow sound corporate governance practices, all in the 
pursuit of cost-effectively enhancing long-term investor confidence. 


3 



122 


Page 141 of 260 


LEHMAN BROTHERS HOLDINGS INC. 


ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA 


(a) Financial Statements 

Management’s Assessment of Internal Control over Financial Reporting 

Report of Independent Registered Public Accounting Finn 
on Interna] Control over Financial Reporting 

Report of Independent Registered Public Accounting Finn 

Consolidated Financial Statements 


Consolidated Statement of Income — v 

Years Ended November 30. 2007. 2006 and 2005 85 


Consolidated Statement of Financial Condition — 

November 30, 2007 and 2006 86 


Consolidated Statement of Changes in Stockholders’ Equity — 

Years Ended November 30. 2007. 2006 and 2005 88 


Consolidated Statement of Cash Flows— 

Years Ended November 30. 2007. 2006 and 2005 90 


Notes to Consolidated Financial Statements "2 

(b) Condensed unconsolidated financial information of Holdings and notes thereto are set forth in Schedule I beginning on 
Page 

F-2 in this Form 1 0-K and are incorporated herein by reference. Holdings has issued a full and unconditional guarantee 
of certain outstanding and future debt securities of its wholly-owned subsidiary, Lehman Brothers Inc. Condensed 
consolidating financial information pursuant to Rule 3-10(c) of Regulation S-X is set forth in Note 8 of the notes to 
such condensed unconsolidated financial information in Schedule I. 

-81- 


http ://vYvw.seagov/Ar$^ 1 0465908005476/a08-3 53 0__1 1 Ok.litm 7/23/2012 



123 


Page 142 of 260 


LEHMAN BROTHERS HOLDINGS INC. 

Management’s Assessment of Internal Control over Financial Reporting 

The management of Lehman Brothers Holdings Inc. (the “Company”) is responsible for establishing and maintaining adequate 
internal control over financial reporting. The Company’s internal control system is designed to provide reasonable assurance to 
the Company’s management and Board of Directors regarding the reliability of financial reporting and the preparation of 
published financial statements in accordance with generally accepted accounting principles. All internal control systems, on o 
matter how well designed, have inherent limitations'. Therefore, even those systems determined to be effective can provide 
only reasonable assurance with respect to financial statement preparation and presentation. 

The Company’s management assessed the effectiveness of the Company’s internal control over financial reporting as of 
November 30, 2007. In making this assessment, it used the criteria set forth by the Committee of Sponsoring Organizations of 
the Treadway Commission (COSO) in Internal Control-Integrated Framework. Based on our assessment we believe that, as 
of November 30, 2007, the Company’s internal control over financial reporting is effective based on those criteria. 

-82- 


http://www.sec.gov/ArcMves/edgar/data/806085/0001 1 0465908005476/a08-3530_l 1 Ok.htm 7/23/2012 




124 


Page 143 of 260 


LEHMAN BROTHERS HOLDINGS INC. 

Report of Independent Registered Public Accounting Firm 
To The Board of Directors and Stockholders of Lehman Brothers Holdings Inc. 

We have audited Lehman Brothers Holdings Inc.’s (the “Company”) internal control over financial reporting as of 
November 30, 2007, based on criteria established in Internal Control — Integrated Framework issued by the Committee of 
Sponsoring Organizations of the Treadway Commission (the COSO criteria). The Company’s management is responsible for 
maintaining effective internal control over financial reporting, and for its assessment of the effectiveness of internal control 
over financial reporting included in the accompanying Management’s Assessment of Internal Control over Financial 
Reporting. Our responsibility is to express an opinion on the Company ’s internal control over financial reporting based on. dur 
audit. 

We conducted our audit in accordance with the standards of the Public Company Accounting Oversight Board (United States). 
Those standards require that we plan and perform the audit to obtain reasonable assurance about whether effective internal 
control over financial reporting was maintained in all material respects. Our audit included obtaining an understanding of 
internal control over financial reporting, assessing therisk that a material weakness exists, testing and evaluating the design 
and operating effectiveness of internal control based on the assessed risk, and perform ing such other procedures as we 
considered necessary in the circumstances. We believe that our audit provides a reasonable basis for our opinion. 

A company’s internal control over financial reporting is a process designed to provide reasonable assurance regarding the 
reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally 
accepted accounting principles. A company’s internal control over financial reporting includes those policies and procedures 
that ( 1 ) pertain to the maintenance of records that, in. reasonable detail, accurately and fairly reflect the transactions and 
dispositions of the assets of the company; (2) provide reasonable assurance that transactions are recorded as necessary to 
permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and 
expenditures of the company are being made only in accordance with authorizations of management and directors of the 
company; and (3) provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or 
disposition of the company’s assets that could have a material effect on the financial statements. 

Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, 
projections of any evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate 
because of changes in conditions, or that the degree of compliance with the policies or procedures may deteriorate. 

In our opinion, the Company maintained, in all material respects, effective internal control over financial reporting as of 
November 30, 2007, based on the COSO criteria. 

We also have audited, in accordance with the standards of the Public Company Accounting Oversight Board (United States), 
the consolidated statement of financial condition of the Company as of November 30, 2007 and 2006, and the related 
consolidated statements of income, changes in stockholders’ equity, and cash flows for each of the three years in the period 
ended November 30, 2007 of the Company and our report dated January 28, 2008 expressed an unqualified opinion thereon. 

^-U'y^.LL'P 

New York, New York 
January 28, 2008 


http://'ww r w.sec.gov/Afckives/edgar/data/806085/0001 1 0465908005476/a08-3530_J 1 0k.htm 7/23/2012 




125 


Page 144 of 260 


LEHMAN BROTHERS HOLDINGS INC. 

Report of Independent Registered Public Accounting Firm 
To The Board of Directors and Stockholders of Lehman Brothers Holdings Inc. 

We have audited the accompanying consolidated statement of financial condition of Lehman Brothers Holdings Inc. (the 
“Company”) as of November 30, 2007 and 2006, and the related consolidated statements of income, changes in stockholders’ 
equity, and cash flows for each of the three years in the period ended November 30, 2007. Our audits also included the 
financial statement schedule listed in the Index at Item 15(a). These financial statements and schedule are the responsibility of 
the Company’s management. Our responsibility is to express an opinion on these financial statements based on our audits. 

We conducted our audits in accordance with the standards of the Public Company Accounting Oversight Board (United 
States). Those standards require that we plan and perform the audit to obtain reasonable assurance about whether the financial 
statements are free of material misstatement. An audit includes examining, on a test basis, evidence supporting the amounts 
and disclosures in the financial statements. An audit also includes assessing the accounting principles used and significant 
estimates made by management, as well as evaluating the overall financial statement presentation. We believe that our audits 
provide a reasonable basis for our opinion. 

In our opinion, the financial statements referred to above present fairly, in all material respects, the consolidated financial 
position of Lehman Brothers Holdings Inc. at November 30, 2007 and 2006, and the consolidated results of its operations and 
its cash flows for each of the three years in the period ended November 30, 2007, in conformity with U.S. generally accepted 
accounting principles. Also, in our opinion, the related financial statement schedule, when considered in relation to the basic 
financial, statements taken as a whole, presents fairly in all material respects the information set forth therein. 

We also have audited, in accordance with the standards of the Publ ic Company Accounting Oversight Board (United States), 
the effectiveness of Lehman Brothers Holdings Inc.’s internal control over financial reporting as of November 30, 2007, based 
on criteria established in Internal Control-Integrated Framework issued by the Committee of Sponsoring Organizations of the 
Treadway Commission and our report dated January 28, 2008 expressed an unqualified opinion thereon. 

New York, New York 
January 28, 2008 

. -84- 


http://m\ r w r .sec.gov/Archives/edgar/data/806085/000 1 1 0465908005476/a08-3530_l 1 0k.htm 7/23/2012 




126 


CORP 1 OK 2011 


Page 259 of 529 


Management’s report on internal control over financial reporting 


Management of JPMorgan Chase & Co. {“JPMorgan 
Chase” or the "Firm”) is responsible for establishing and 
maintaining adequate interna! control over financial 
reporting. Internal control over financial reporting is a 
process designed by, or under the supervision of, the 
Firm’s principal executive and principal financial officers, 
or persons performing similar functions, and effected by 
JPMorgan Chase’s Board of Directors, management and 
other personnel, to provide reasonable assurance 
regarding the reliability of financial- reporting and the 
preparation of financial statements for external purposes 
in accordance with accounting principles generally 
accepted in the United States of America. 

JPMorgan Chase’s internal control over financial 
reporting includes those policies and procedures that 

(1) pertain to the maintenance of records, that, in 
reasonable detail, accurately and fairly reflect the 
transactions and dispositions of the Firm’s assets; 

(2) provide reasonable assurance that transactions are 
recorded as necessary to permit preparation of financial 
statemehts in accordance with generally accepted 
accounting principles, and that receipts and 
expenditures of the Firm are being made only in 
accordance with authorizations of JPMorgan Chase’s 
management and directors; and (3) provide reasonable 
assurance regarding prevention or timely detection of 
unauthorized acquisition, use or disposition of the Firm’s 
assets that could have a material effect on the financial 
statements. 

Because of its inherent limitations, internal control over 
financial reporting may not prevent or detect 
misstatements. Also, projections of any evaluation of 
effectiveness to future periods are subject to the risk that 
controls may become inadequate because of changes in 
conditions, or that the degree of compliance with the 
policies or procedures may deteriorate. 


Management has completed an assessment of the 
effectiveness of the Firm’s internal control over financial 
reporting as of December 31, 2011. In making the 
assessment, management used the framework in 
“internal Control — integrated Framework” promulgated 
by the Committee of Sponsoring Organizations of the 
Treadway Commission, commonly referred to as the 
“COSO'’ criteria. 

Based upon the assessment performed, management 
concluded that as of December 31 , 201 1 , JPMorgan 
Chase's internal control over financial reporting was 
effective based upon the COSO criteria. Additionally, 
based upon management's assessment, the Firm 
determined that there were no material weaknesses in 
its internal control over financial reporting as of 
December 31, 2011. 

The effectiveness of the Firm’s internal control over 
financial reporting as of December 31, 2011 , has been 
audited by PricewaterhouseCoopers LLP, an 
independent registered public accounting firm, as stated 
in their report which appears herein. 


i/W- 


James Dimon 

Chairman and Chief Executive Officer 




Douglas L. Braunstein 

Executive Vice President and Chief Financial Officer 


February 29, 2012 


176 


JPMorgan Chase & Co, 72011 Annual Report 


'http://sec.gov/Arcliives/edgar/data/l 9617/000001 96 1 7 1 20001 63/corpl 0k20 1 1 .htm 7/23/2012 



127 


CORP 1 OK 2011 


Page 260 of 529 


Report of independent registered public accounting firm 


pwc 


To the Board of Directors and Stockholders of 
JPMorgan Chase & Co.: 

In our opinion, the accompanying consolidated balance 
sheets and the related consolidated statements of 
income, changes in stockholders’ equity and 
comprehensive income and cash flows present fairly, in 
all material respects, the financial position of JPMorgan 
Chase & Co. and its subsidiaries (the “Firm”) at 
December 31, 201l'and 2010, and the results of their 
operations and their cash flows for each of the three 
years in the period ended December 31 , 201 1 , in 
conformity with accounting principles generally accepted 
in the United States of America. Also in our opinion, the 
Firm maintained, in all material respects, effective 
internal control over financial reporting as of 
December 31 ,2011, based on criteria established in 
Internal Control - Integrated Framework issued by the 
Committee of Sponsoring Organizations of the Treadway 
Commission (COSO). The Firm's management is 
responsible for these financial statements, for 
maintaining effective internal control over financial 
reporting and for its assessment of the effectiveness of 
internal control over financial reporting, included in the 
accompanying "Management's report on internal control 
over financial reporting.” Our responsibility is to express 
opinions on these financial statements and on the Firm’s 
internal control over financial reporting based on our 
integrated audits. We conducted our audits in 
accordance with the standards of the Public Company 
Accounting Oversight Board (United States). Those 
standards require that we plan and perform the audits to 
obtain reasonable assurance about whether the financial 
statements are free of material misstatement and 
whether effective internal control over financial reporting 
was maintained in all material respects. Our audits of the 
financial statements included examining, on a test basis, 
evidence supporting the amounts and disclosures in the 
financial statements, assessing the accounting principles 
used and significant estimates made by management, 
and evaluating the overall financial statement 
presentation. Our audit of internal control over financial 
reporting included obtaining an understanding of internal 
control over financial reporting, assessing the risk 


that a material weakness exists, and testing and 
evaluating the design and operating effectiveness of 
internal control based on the assessed risk. Our audits 
also included performing such other procedures as we 
considered necessary in the circumstances. We believe 
that our audits provide a reasonable basis for our 
opinions. 

A company's internal control over financial reporting is a 
process designed to provide reasonable assurance 
' regarding the reliability of financial reporting and the 
preparation of financial statements for externa! purposes 
in accordance with generally accepted accounting 
principles. A company's internal control over financial 
reporting includes those policies and procedures that 
(i) pertain to the maintenance of records that, in 
reasonable detail, accurately and fairly reflect the 
transactions and dispositions of the assets of the 
company; (ii) provide reasonable assurance that 
transactions are recorded as necessary to permit 
preparation of financial statements in accordance with 
generally accepted accounting principles, and that 
receipts and expenditures of the company are being 
made only in accordance with authorizations of 
management and directors of the company; and 
(iii) provide reasonable assurance regarding prevention 
or timely detection of unauthorized acquisition, use, or 
disposition of the company's assets that could have a 
material effect on the financial statements. 

Because of its inherent limitations, internal control over 
financial reporting may not prevent or detect 
misstatements. Also, projections of any evaluation of 
effectiveness to future periods are subject to the risk that 
controls may become inadequate because of.changes m 
conditions, or that the degree of compliance with the 
policies or procedures may deteriorate. 

February 29, 2012 


http://sec.gov/Axchives/edgar/data/19617/000001961712000163/corpl0k2011.litm 7/23/2012 



128 


BEAR S TEARNS COMPANIES INC - Annual Report (10-K) REPORT OF INDEPE... Page 38 of 243 


REPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRP 

To the Board of Directors and Stockholders of The Bear Stearns Companie: 

07 

We have audited the consolidated financial statements of The Bear Stearns 
as of November 30, 2007 and 2006, and for each of the three years in the p 
Company's internal control over financial reporting as of November 30, 200‘ 
January 28, 2008 (such report on the consolidated financial statements exp 
explanatory paragraph relating to the adoption of Statement of Financial Ao 
for Certain Hybrid Instruments, an amendment of FASB Statements No. 131 
Measurements"); such consolidated financial statements and reports are inc 
and are incorporated herein by reference. Our audits also included the finar 
Stearns Companies Inc. (Parent Company Only), listed in Item 15. This fina 
Company's management. Our responsibility is to express an opinion based 
statement schedule, when considered in relation to the basic consolidated f 
fairly, in all material respects, the information set forth therein. 

Effective December 1, 2006, the Company adopted SFAS No. 155, "Accour 
of FASB Statements No. 133 and 140" and SFAS No. 157, "Fair Value Mea 


/ s / Deloitte & Touche X 

New York, New York 
January 28, 2008 


F-2 


http://sec.edgar-onlme.com/beai-steams-companIes-Inc/10-k-annual-repoit/2008/01/29/sec... 7/23/2012 



129 


Form 10-K 


Page 110 of 176 


Table of Contents 


PART II 

ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA 

ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA 


Index to Consolidated Financial Statements of MF Global Holdings Ltd. 


Consolidated Financial Statements as of and for the years ended March 31, 201 1, 2010 and 2009: 

Management's Report on internal Control over Financial Reporting 83 

Report of Independent Registered Public Accounting Firm 84 

Consolidated Statements of Operations, for the years ended March 31 . 201 1 . 201 0 and 2009 . 85 

Consolidated Balance Sheets, as of March 31 , 201 1 and 2010 86 

Consolidated Statements of Cash Flows, for the years ended March 31 . 201 1 . 2010 and 2009 87 

Consolidated Statement of Changes in Equity, for the years ended March 31 ■ 201 1 , 2010 and 2009 89 

Consolidated Statements of Comprehensive Income, for the years ended March 31 , 2011, 2010 and 2009 90 

Notes to Consolidated Financial Statements 91 


82 . MF Global 2011 Form 10-K 


http://www.sec.gov/Archives/edgar/data/1401106/000] 1 931251 1145663/dlOk.htm 


7/23/2012 




130 


Form 10-K 


Page 111 of 176 


Table of Contents 

PART II 

ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA 

Management’s Report on Internal Control over Financial Reporting 

Management of MF Global Holdings Ltd. together with its consolidated subsidiaries (the "Company"), is responsible for establishing and maintaining 
adequate internal control over financial reporting. 

The Company’s internal control over financial reporting is a process designed under the supervision of the Company's principal executive and principal 
financial officers to provide reasonable assurance regarding the reliability of financial reporting and the preparation of the Company’s consolidated 
financial statements for external reporting purposes in accordance with accounting principles generally accepted in the United States of America. 

The Company's internal control over financial reporting includes policies and procedures that pertain to the maintenance of records that, in reasonable 
detail, accurately and fairly reflect transactions and dispositions of assets; provide reasonable assurances that transactions are recorded as necessary 
to permit preparation of consolidated financial statements in accordance with accounting principles generally accepted in the United States of America, 
and that receipts and expenditures are being made only in accordance with authorizations of management and the directors of the Company; and 
provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the Company's assets that 
could have a material effect or> our financial statements. 

Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. In addition, projections of any 
evaluation of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions or that the 
degree of compliance with the policies or procedures may deteriorate. 

Management conducted an assessment of the effectiveness of foe Company's internal control over financial reporting as of March 31 , 201 1 based on 
the framework established in Internal Control— Integrated Framework issued by the Committee of Sponsoring Organizations of foe Treadway 
Commission. Based on this assessment, management has determined that the Company's internal control over financial reporting as of March 31 , 2011 
was effective and that there were no material weaknesses in the Company's internal control over financial reporting as of that date. 

The Company’s internal control over financial reporting as of March 31 , 201 1 has been audited by PricewaterhouseCoopers LLP, an independent 
registered public accounting firm, as stated in their report included within, which expresses an unqualified opinion on the effectiveness of the Company's 
internal control over financial reporting as of March 31, 2011. 


MF Global 2011 Form 10-K 83 


http://wwvv.sec.gov/Archjss:s/edgar/data/140n06/0001193 1 25 1 1145663/dl Ok.htm 


7/23/2012 



131 


Form 10-K 


Page 112 of 176 


Table of Contents 


PART II 

ITEM 8. FINANCIAL STATEMENTS AND SUPPLEMENTARY DATA 

Report of Independent Registered Public Accounting Firm 

To the Board of Directors and Shareholders of 
MF Global Holdings Ltd.: j j 

in our opinion, the accompanying consolidated balance sheets and the related consolidated statements of operations, cash flows, changes in equity, 
and comprehensive income present fairly, in ail material respects, the financial position of MF Global Holdings Ltd. and its subsidiaries {the "Company”) 
at March 31 , 201 1 and 2010, and the results of their operations and their cash flows for each of the three years in the period ended March 31 , 201 1 in 
conformity with accounting principles generally accepted in the United States of America. Also in our opinion, the Company maintained, in ail material 
respects, effective internal control over financial reporting as of March 31, 2011, based on criteria established in Internal Control — integrated Framework 
issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The Company's management Is responsible for these 
financial statements, for maintaining effective interna! control over financial reporting and for its assessment of the effectiveness of internal control over 
financial reporting, included in the accompanying Management's Report on Internal Control over Financial Reporting. Our responsibility is to express 
opinions on these financial statements and on the Company's internal control over financial reporting based on our integrated audits. We conducted our 
audits in accordance with the standards of the Public Company Accounting Oversight Board (United States). Those standards require that we plan and 
perform the audits to obtain reasonable assurance about whether the financial statements are free of material misstatement and whether effective • 
internal control over financial reporting was maintained in all material respects. Our audits of the financial statements included examining, on a test 
basis, evidence supporting the amounts and disclosures In the financial statements, assessing the accounting principles used and significant estimates 
made by management, and evaluating the overall financial statement presentation. Our audit of internal control over financial reporting included 
obtaining an understanding of internal control over financial reporting, assessing the risk that a material weakness exists, and testing and evaluating the 
design and operating effectiveness of internal control based on the assessed risk. Our audits also included performing such other procedures as we 
considered necessary in the circumstances. We believe that our audits provide a reasonable basis for our opinions. 

A company’s internal control over financial reporting is a process designed to provide reasonable assurance regarding the reliability of financial reporting 
and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. A company's internal 
control over financial reporting includes those policies and procedures that (i) pertain to the maintenance of records that, in reasonable detail, accurately 
and fairly reflect the transactions and dispositions of the assets of the company; (ii) provide reasonable assurance that transactions are recorded as 
necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures 
of the company are being made only in accordance with authorizations of management and directors of the company; and (iii) provide reasonable 
assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of the company's assets that could have a material 
effect on the financial statements. 

Because of its inherent limitations, internal control over financial reporting may not prevent or detect misstatements. Also, projections of any evaluation 
of effectiveness to future periods are subject to the risk that controls may become inadequate because of changes in conditions, or that the degree of 
compliance with the policies or procedures may deteriorate. 


ISI PRICEWATERHOUSECOOPERS LLP 

New York, New York 
May 19, 2011 

84 MF Global 2011 Form 10-K 


http ://w\wv.sec.gov/A.rchtves/edgar/data/l 4011 06/0001 19312511 145663/d 1 0k.htm 


923/2012 



132 


REPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM 
To the Board of Directors and Stockholders of Fannie Mae: — - Q~y 

We have audited the accompanying consolidated balance sheets of Fannie Mae and consolidated entities (the 
“Company”) as of December 31, 2006 and 2005, and the related consolidated statements of income, cash 
flows, and changes in stockholders’ equity for each of the three years in the period ended December 31, 2006. 
These financial statements are the responsibility of the Company’s management. Our responsibility is to 
express an opinion on these financial statements based on our audits. 

We conducted our audits in accordance with the standards of the Public Company Accounting Oversight 
Board (United States). Those standards require that we plan and perform the audit to obtain reasonable 
assurance about whether the financial statements are free of material misstatement. An audit includes 
examining, on a test basis, evidence supporting the amounts and disclosures in the financial statements. An 
audit also includes assessing the accounting principles used and significant estimates made by management, as 
well as evaluating the overall financial statement presentation. We believe that our audits provide a reasonable 
basis for our opinion. 

In our opinion, such consolidated financial statements present fairly, in all material respects, the financial 
position of Fannie Mae and consolidated entities as of December 31, 2006 and 2005, and the results of their 
operations and their cash flows for each of the three years in the period ended December 31, 2006, in 
conformity with accounting principles generally accepted in the United States of America. 

We have also audited, in accordance with the standards of the Public Company Accounting Oversight Board 
(United States), the effectiveness of the Company’s internal control over financial reporting as of December 31, 
2006, based on the criteria established in Internal Control-Integrated Framework issued by the Committee of 
Sponsoring Organizations of the Treadway Commission and our report dated August 15, 2007 expressed an 
unqualified opinion on management’s assessment of the effectiveness of the Company’s internal control over 
financial reporting and an adverse opinion on the effectiveness of the Company’s internal control over 
financial reporting because of material weaknesses. 

/s/ Deloitte & Touche LLP 

Washington, DC 
August 15, 2007 


F-2 



133 


REPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM 


To the Board of Directors and Stockholders of Freddie Mac: - 0$ 

In our opinion, the accompanying consolidated balance sheets and the related consolidated statements of operations, of 
cash flows, and of stockholders’ equity (deficit) present fairly, in all material respects, the financial position of Freddie Mac, 
a stockholder-owned government-sponsored enterprise, and its subsidiaries (the “Company”) at December 31, 2008 and 2007, 
and the results of their operations and their cash flows for each of the three years in the period ended December 31, 200.8 in 
conformity with accounting principles generally accepted in the Uaited States of America. These financial statements are the 
responsibility of the Company’s management. Our responsibility is to express an opinion on these financial statements based 
on our audits. We conducted our audits of these statements in accordance with the standards of the Public Company 
Accounting Oversight Board (United States). Those standards require that we plan and perform the audit to obtain reasonable 
assurance about whether the financial statements are free of material misstatement. An audit includes examining, on a test 
basis, evidence supporting the amounts and disclosures in the financial statements, assessing the accounting principles used 
and significant estimates made by management, and evaluating the overall financial statement presentation. We believe that 
our audits provide a reasonable basis for our opinion. 

v We have also audited in accordance with the standards of the Public Company Accounting Oversight Board (United 
States) the supplemental consolidated fair value balance sheets of the Company as of December 31, 2008 and 2007. As 
described in “NOTE 17: FAIR VALUE DISCLOSURES,” the supplemental consolidated fair value balance sheets have been 
prepared by management to present relevant financial information that is not provided by the historical-cost consolidated 
balance sheets and is not intended to be a presentation in conformity with accounting principles generally accepted in the 
United States of America. In addition, the supplemental consolidated fair value balance sheets do not purport to present the 
net realizable, liquidation, or market value of the Company as a whole. Furthermore, amounts ultimately realized by the 
Company from the disposal of assets or amounts required to settle obligations may vary significantly from the fair values 
presented. In our opinion, the supplemental consolidated fair value balance sheets referred to above present fairly, in all 
material respects, the information set forth therein as described in “NOTE 17: FAIR VALUE DISCLOSURES”. 

The Company has been placed into conservatorship by the Federal Housing Finance Agency (“FHFA”). The U.S. 
Department of Treasury (‘Treasury”) has committed financial support to the Company and management continues to conduct 
business operations pursuant to the delegated authorities from FHFA during conservatorship. The Company is dependent 
upon the continued support of Treasury and FHFA. These and other related matters are discussed in “NOTE 1: SUMMARY 
OF SIGNIFICANT ACCOUNTING POLICIES” to the consolidated financial statements. 

As discussed in “NOTE 1: SUMMARY OF SIGNIFICANT ACCOUNTING POLICIES” to the consolidated financial 
statements, the Company changed how it defines, measures and discloses the fair value of assets and liabilities as of 
January 1, 2008, elected to measure certain financial instruments and other items at fair value that are- not required to be 
measured at fair value, changed its method of accounting for uncertainty in income taxes as of January 1, 2007, elected to 
measure newly acquired interests in securitized financial assets that contain embedded derivatives at fair value as of 
January 1, 2007, and changed its method of accounting for defined benefit plans as of December 31, 2006. 


/s/ PricewaterhouseCoopers LLP 

McLean, Virginia 
March .11, 2009 


181 


Freddie Mac 


O 



